Kontrola logu

Zpráva

farren · #1 Příspěvek od **farren** » 24 kvě 2012 14:14

Dobrý deň prosím Vás aby ste mi skontrolovali log z rsit pretože niekedy mi notebook pracuje pomalšie + keď si inštalujem nejaký program cez installshield tak sa mi to spustí a ukáže mi okno s Preparing installshield... a potom mi to zmizne a nič sa nedeje
LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marek at 2012-05-24 15:08:13
Microsoft Windows 7 Home Premium
System drive C: has 40 GB (34%) free of 119 GB
Total RAM: 3838 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:19, on 24. 5. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
D:\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 174.140.167.152 status.wow-europe.com
O1 - Hosts: 174.140.167.152 launcher.worldofwarcraft.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Marek\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - PowerUp Software, LLC - C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13729 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe"
"C:\Program Files (x86)\Stardock\MyColors\WBVista.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2928
"taskhost.exe"
taskeng.exe {8E400287-E1EF-4FDC-8135-581E3FC27116}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskeng.exe {463187B0-B1C9-4EEC-987B-F9EFE7509E21}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"D:\Steam\Steam.exe" -silent
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --extension-process --enable-print-preview --channel=3644.04240D80.150049031 /prefetch:3
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path=default_plugin --lang=sk --channel=3644.06DB9700.398253874 /prefetch:4
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3644.053CB000.2131498462 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\Users\Marek\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll" --lang=sk --channel=3644.0531B000.822034224 --flash-broker=2872 /prefetch:4
"C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=CacheListSize/CacheListSize_14/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/HiddenExperimentB/Prefetch/ContentPrefetchPrerender2/PrerenderFromOmniboxHeuristic/OriginalAlgorithm/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3644.05725480.856783930 /prefetch:3
"C:\Users\Marek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\RegCure Program Check.job
C:\Windows\tasks\RegCure.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default

prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.4&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\
ffxtlbr@funmoods.com
plugin@yontoo.com
staged
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{687578b9-7132-4a7a-80e4-30ee31099e03}
{800b5000-a755-47e1-992b-48a1c1357f07}
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\
funmoods.xml
icqplugin.gif
icqplugin.src
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Marek\AppData\Roaming\Complitly\64\Complitly64.dll [2012-02-02 167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-28 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-12-22 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-12-22 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-28 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Marek\AppData\Roaming\Complitly\Complitly.dll [2012-02-02 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
Funmoods Helper Object - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll [2012-01-25 241888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-22 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-12-22 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-12-22 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2011-12-09 194848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-12-22 346736]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll [2011-11-28 963064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-12-22 256112]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2011-11-28 809040]
{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Funmoods Toolbar - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll [2012-01-25 251856]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-08-17 1055808]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Steam\steam.exe [2012-04-15 1242448]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiTrayTools]
C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe [2011-03-27 929280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-04 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe [2012-02-24 6062960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files (x86)\Clownfish\Clownfish.exe [2012-05-08 1091320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-26 1564368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20 634880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2012-03-26 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-01-23 3082320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle Game Profiler]
C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle.exe [2010-08-21 2801664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2011-06-15 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe -d 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Services Host]
C:\Users\Marek\AppData\Roaming\System Services\svchost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-23 1601536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\INSTAL~1\{E5CF6~1\NEBEA7~1.EXE [2010-12-22 156952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
C:\PROGRA~2\Hamachi\hamachi.exe [2012-04-16 624416]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-20 14:28:34 ----RHD---- C:\Users\Marek\AppData\Roaming\SecuROM
2012-05-18 18:48:20 ----D---- C:\Users\Marek\AppData\Roaming\Mount&Blade With Fire and Sword
2012-05-16 20:24:12 ----D---- C:\Program Files (x86)\Scorpions WinCheater
2012-05-14 19:28:59 ----A---- C:\Users\Marek\AppData\Roaming\steam_md5.dat
2012-05-14 18:17:25 ----D---- C:\Program Files (x86)\Clownfish
2012-05-13 19:29:13 ----D---- C:\ProgramData\PowerUp Software
2012-05-13 19:12:34 ----A---- C:\Windows\SYSWOW64\VB5DB.DLL
2012-05-13 19:12:33 ----RS---- C:\Windows\SYSWOW64\msstkprp.dll
2012-05-13 19:12:33 ----A---- C:\Windows\SYSWOW64\SSubTmr6.dll
2012-05-13 19:12:33 ----A---- C:\Windows\SYSWOW64\dx7vb.dll
2012-05-13 19:12:33 ----A---- C:\Windows\SYSWOW64\dsofile.dll
2012-05-13 19:12:33 ----A---- C:\Windows\SYSWOW64\capicom.dll
2012-05-13 19:12:32 ----N---- C:\Windows\SYSWOW64\ADsSecurity.dll
2012-05-13 19:12:32 ----A---- C:\Windows\SYSWOW64\zlib.dll
2012-05-13 19:12:32 ----A---- C:\Windows\SYSWOW64\dxinputdll.dll
2012-05-13 19:12:27 ----D---- C:\Program Files (x86)\PowerUp Software
2012-05-11 16:30:30 ----D---- C:\Users\Marek\AppData\Roaming\Tropico 3
2012-05-11 16:27:03 ----D---- C:\Program Files (x86)\Kalypso
2012-05-06 18:22:19 ----A---- C:\Windows\system32\perfh01B.dat
2012-05-06 18:22:19 ----A---- C:\Windows\system32\perfc01B.dat
2012-05-06 18:21:58 ----D---- C:\Windows\SYSWOW64\BestPractices
2012-05-06 18:21:53 ----D---- C:\Windows\system32\BestPractices
2012-05-06 18:21:53 ----D---- C:\inetpub
2012-05-06 10:32:09 ----D---- C:\Program Files (x86)\uTorrentControl2
2012-05-01 13:34:34 ----D---- C:\ProgramData\Mozilla
2012-05-01 13:34:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-04-29 15:47:40 ----D---- C:\Users\Marek\AppData\Roaming\dclogs

======List of files/folders modified in the last 1 month======

2012-05-24 15:08:15 ----D---- C:\Program Files\Trend Micro
2012-05-24 15:07:30 ----D---- C:\Windows\temp
2012-05-24 15:07:24 ----RD---- C:\Program Files (x86)
2012-05-24 15:05:08 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2012-05-24 14:05:57 ----D---- C:\Windows\system32\config
2012-05-24 13:55:09 ----SHD---- C:\System Volume Information
2012-05-24 13:42:25 ----HD---- C:\Config.Msi
2012-05-23 19:17:34 ----D---- C:\Users\Marek\AppData\Roaming\SoftGrid Client
2012-05-23 15:51:58 ----SHD---- C:\Windows\Installer
2012-05-23 15:51:05 ----D---- C:\Windows\SysWOW64
2012-05-23 15:51:05 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-05-23 15:50:53 ----D---- C:\Windows\inf
2012-05-23 15:50:35 ----D---- C:\Windows\System32
2012-05-23 15:50:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-23 15:50:03 ----RSD---- C:\Windows\assembly
2012-05-23 15:39:26 ----D---- C:\Windows\Microsoft.NET
2012-05-23 15:39:06 ----D---- C:\Windows\SYSWOW64\en-US
2012-05-23 15:39:06 ----D---- C:\Windows\system32\en-US
2012-05-23 15:36:43 ----D---- C:\Windows
2012-05-23 09:37:07 ----D---- C:\Windows\Logs
2012-05-22 18:06:12 ----D---- C:\Users\Marek\AppData\Roaming\Hamachi
2012-05-22 13:43:12 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-05-21 14:16:57 ----D---- C:\Windows\system32\catroot2
2012-05-20 08:16:51 ----D---- C:\Windows\system32\Tasks
2012-05-19 11:59:49 ----D---- C:\ProgramData\PMB Files
2012-05-17 19:33:19 ----D---- C:\Users\Marek\AppData\Roaming\.minecraft
2012-05-13 19:29:13 ----HD---- C:\ProgramData
2012-05-13 19:25:12 ----SD---- C:\ProgramData\Microsoft
2012-05-13 19:12:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-05-13 15:06:33 ----SHD---- C:\Windows\SYSWOW64\FUXULO
2012-05-13 15:06:33 ----SHD---- C:\Windows\SYSWOW64\BXDVPH
2012-05-13 13:21:29 ----D---- C:\Windows\rescache
2012-05-07 14:07:12 ----D---- C:\Windows\winsxs
2012-05-06 19:31:47 ----RSD---- C:\Windows\Fonts
2012-05-06 19:31:47 ----RD---- C:\Program Files
2012-05-06 19:31:47 ----D---- C:\Windows\SYSWOW64\wbem
2012-05-06 19:31:47 ----D---- C:\Windows\system32\wbem
2012-05-06 18:22:00 ----D---- C:\Windows\SYSWOW64\migration
2012-05-06 18:22:00 ----D---- C:\Windows\SYSWOW64\inetsrv
2012-05-06 18:21:57 ----D---- C:\Windows\system32\migration
2012-05-06 18:21:57 ----D---- C:\Windows\system32\inetsrv
2012-05-03 14:36:14 ----D---- C:\Users\Marek\AppData\Roaming\TS3Client
2012-05-02 18:27:03 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-05-01 13:34:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-30 07:47:12 ----D---- C:\Windows\pss
2012-04-29 10:02:41 ----A---- C:\Windows\Sandboxie.ini
2012-04-26 20:40:50 ----D---- C:\Users\Marek\AppData\Roaming\Adobe
2012-04-26 17:34:28 ----D---- C:\Users\Marek\AppData\Roaming\runic games
2012-04-26 17:29:34 ----D---- C:\Program Files (x86)\VideoLAN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-12-22 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-28 254528]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-06-15 93240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-08 86584]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-11-26 314016]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-11-26 43680]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-07-25 7195648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-07-25 265728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-04-16 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 760168]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
S1 ocofslgo;ocofslgo; \??\C:\Windows\system32\drivers\ocofslgo.sys []
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 CEDRIVER60;CEDRIVER60; \??\C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys [2011-06-12 50688]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 GPU-Z;GPU-Z; \??\C:\Users\Marek\AppData\Local\Temp\GPU-Z.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-12-22 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-07-25 203264]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-12 873248]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-03-26 1564368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-08-17 247872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-04-07 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-19 529232]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 PinnacleUpdateSvc;PinnacleUpdate Service; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [2010-01-04 413696]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-05-08 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-08 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-01-03 4726616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-29 1255736]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 24 kvě 2012 14:33

Zdravim a pekny den preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte

farren · #3 Příspěvek od **farren** » 24 kvě 2012 14:40

tu máte log
btw aj vám pekný deň

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 4 ¤¤¤
[SUSP PATH] RunAsStdUser Task.job @ : C:\Users\Marek\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe -> FOUND
[SUSP PATH] {9E58E70D-FCDF-409A-89C3-500AEDBE1855}.job @ : C:\Users\Marek\AppData\Roaming\.minecraft\MinecraftSP.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

#4 Příspěvek od **vyosek** » 24 kvě 2012 14:42

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

farren · #5 Příspěvek od **farren** » 24 kvě 2012 14:52

log 1:

¤¤¤ Záznamy Registrov: 4 ¤¤¤
[SUSP PATH] RunAsStdUser Task.job @ : C:\Users\Marek\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe -> DELETED
[SUSP PATH] {9E58E70D-FCDF-409A-89C3-500AEDBE1855}.job @ : C:\Users\Marek\AppData\Roaming\.minecraft\MinecraftSP.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

log2:

RogueKiller V7.4.5 [05/18/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ: Marek [Práva Správcu]
Režim: Oprava HOSTS -- Dátum: 05/24/2012 15:51:22

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#6 Příspěvek od **vyosek** » 24 kvě 2012 14:53

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

farren · #7 Příspěvek od **farren** » 24 kvě 2012 15:24

OTL log

OTL logfile created on: 24. 5. 2012 15:56:13 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Marek\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,75 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 60,96% Memory free
7,49 Gb Paging File | 5,99 Gb Available in Paging File | 79,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 39,16 Gb Free Space | 33,63% Space Free | Partition Type: NTFS
Drive D: | 327,83 Gb Total Space | 73,14 Gb Free Space | 22,31% Space Free | Partition Type: NTFS

Computer Name: MAREK-PC | User Name: Marek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/05/24 15:54:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Downloads\OTL.exe
PRC - [2012/04/07 18:05:49 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/03/26 19:44:24 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
PRC - [2011/09/15 13:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/08/17 11:04:36 | 000,247,872 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/08/18 00:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009/12/15 20:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/07/31 20:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/20 07:35:35 | 000,411,120 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
MOD - [2012/01/20 07:35:34 | 003,767,792 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012/01/20 07:34:10 | 000,122,880 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012/01/20 07:34:09 | 000,222,208 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012/01/20 07:34:07 | 001,746,432 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012/01/20 04:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2012/01/20 04:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Marek\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll
MOD - [2011/08/28 23:19:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/11/28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/05/08 21:04:48 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/11/25 22:03:12 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/25 18:30:33 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:64bit: - [2010/03/12 06:13:54 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/19 08:36:47 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/07 18:05:49 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/03/28 07:15:09 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012/03/26 19:44:24 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/01/03 21:14:00 | 004,726,616 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/09/15 13:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/08/17 11:04:36 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/05/08 21:04:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/04 22:18:16 | 000,413,696 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2009/12/15 20:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/07/14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/14 03:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/14 03:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/09 09:56:16 | 000,337,200 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/04/16 17:48:56 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011/11/28 19:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 19:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 19:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 19:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 19:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 19:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/26 13:05:23 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/11/26 13:05:20 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/06/15 10:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/04/28 21:13:02 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/22 02:49:21 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/23 10:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/09/08 19:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/07/25 18:58:37 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/07/25 17:56:13 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/06/25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/04/28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/08 10:11:59 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/02/25 05:26:57 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/15 07:23:19 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/01/15 07:23:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/15 07:23:09 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/12/22 12:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/12/14 10:03:49 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/02 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/08/18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/08 07:02:14 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2009/06/05 12:15:57 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/13 19:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/05/05 04:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/04/07 08:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2006/12/13 18:14:14 | 000,065,024 | ---- | M] (Aladdin Knowledge Systems Ltd.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2006/12/04 10:44:14 | 000,314,368 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2011/06/12 17:52:34 | 000,050,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Cheat Engine 6.1\dbk64.sys -- (CEDRIVER60)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = Zbani
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2790392
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKLM\..\SearchScopes\zbani: "URL" = http://home.zbani.com/en/get/{searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... aec5360095
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BscscnPB& ... earchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{A140E0BC-A996-4ED2-AAC9-25E9A7305A30}: "URL" = http://start.funmoods.com/results.php?f ... earchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2790392
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\zbani: "URL" = http://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.4&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/05 15:17:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/20 19:19:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF [2012/03/21 06:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/01 13:34:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/05 15:17:35 | 000,000,000 | ---D | M]

[2012/01/13 19:48:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Extensions
[2012/05/06 10:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions
[2012/03/03 09:11:25 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012/05/06 10:32:19 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/03/26 19:44:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/02/24 13:12:34 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/02/28 19:45:18 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com
[2012/02/23 20:24:31 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com
[2012/05/01 13:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\staged
[2012/02/23 20:23:50 | 000,001,797 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\funmoods.xml
[2012/03/26 19:44:19 | 000,000,168 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.gif
[2012/03/26 19:44:19 | 000,000,618 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.src
[2011/03/30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.xml
[2012/05/01 13:34:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/30 17:48:18 | 000,000,000 | ---D | M] (BasicScan) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
[2012/03/26 13:59:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/28 20:40:39 | 000,013,152 | ---- | M] () (No name found) -- C:\USERS\MAREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LWKXE4WN.DEFAULT\EXTENSIONS\{E6C1199F-E687-42DA-8C24-E7770CC3AE66}.XPI
[2012/04/21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/21 05:10:09 | 000,001,583 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\atlas-sk.xml
[2012/04/21 05:10:09 | 000,001,380 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\azet-sk.xml
[2012/02/11 10:04:23 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/04/21 05:10:09 | 000,001,479 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/04/21 05:10:09 | 000,001,473 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/04/21 05:10:09 | 000,001,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/04/21 05:10:09 | 000,000,830 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\zoznam-sk.xml

farren · #8 Příspěvek od **farren** » 24 kvě 2012 15:25

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Marek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.0.31.200\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marek\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Marek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: uTorrentControl2 = C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\
CHR - Extension: Canvas Rider = C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2012/05/24 15:51:22 | 000,000,868 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Marek\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Marek\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods)
O3 - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EF2AF94-104D-47BE-9C3A-B27B5426DE1C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/04/12 16:12:55 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{ce9b26f0-718e-11e0-a38a-74f06dc29065}\Shell - "" = AutoRun
O33 - MountPoints2\{ce9b26f0-718e-11e0-a38a-74f06dc29065}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\Shell - "" = AutoRun
O33 - MountPoints2\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\Shell\install\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: aux - File not found
Drivers32:64bit: aux1 - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midi1 - File not found
Drivers32:64bit: midi2 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer1 - File not found
Drivers32:64bit: mixer2 - File not found
Drivers32:64bit: mixer3 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: MSVideo8 - File not found
Drivers32:64bit: VIDC.FPS1 - File not found
Drivers32:64bit: vidc.i420 - File not found
Drivers32:64bit: VIDC.IYUV - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: VIDC.UYVY - File not found
Drivers32:64bit: VIDC.YUY2 - File not found
Drivers32:64bit: VIDC.YVU9 - File not found
Drivers32:64bit: VIDC.YVYU - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave1 - File not found
Drivers32:64bit: wave2 - File not found
Drivers32:64bit: wave3 - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: aux - wdmaud.drv File not found
Drivers32: aux1 - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midi2 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: mixer2 - wdmaud.drv File not found
Drivers32: mixer3 - wdmaud.drv File not found
Drivers32: msacm.divxa32 - msaud32_divx.acm File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: msacm.siren - sirenacm.dll File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: vidc.DIVX - DivX.dll File not found
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
Drivers32: vidc.i420 - iyuv_32.dll File not found
Drivers32: vidc.iyuv - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.uyvy - msyuv.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yuy2 - msyuv.dll File not found
Drivers32: vidc.yv12 - DivX.dll File not found
Drivers32: vidc.yvu9 - tsbyuv.dll File not found
Drivers32: vidc.yvyu - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wave2 - wdmaud.drv File not found
Drivers32: wave3 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/05/24 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Google
[2012/05/24 15:38:29 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\RK_Quarantine
[2012/05/22 13:41:12 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\if crashes
[2012/05/20 14:28:34 | 000,000,000 | RH-D | C] -- C:\Users\Marek\AppData\Roaming\SecuROM
[2012/05/19 20:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/19 07:50:40 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\EAM 1.0.25
[2012/05/18 18:48:20 | 000,000,000 | ---D | C] -- C:\Users\Marek\Documents\Mount&Blade With Fire and Sword
[2012/05/18 18:48:20 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/05/18 18:44:18 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade With Fire and Sword
[2012/05/18 18:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade With Fire and Sword
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/05/24 15:58:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/05/24 13:52:25 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 13:52:25 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 13:42:53 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2012/05/24 13:42:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/24 13:42:26 | 3018,182,656 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 17:00:01 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2012/05/23 15:51:05 | 000,911,928 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/23 15:51:05 | 000,677,796 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/23 15:51:05 | 000,134,450 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/23 15:51:05 | 000,094,038 | ---- | M] () -- C:\Windows\SysNative\perfh01B.dat
[2012/05/23 15:51:05 | 000,034,252 | ---- | M] () -- C:\Windows\SysNative\perfc01B.dat
[2012/05/23 15:50:35 | 000,911,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/23 09:42:52 | 000,001,583 | ---- | M] () -- C:\Users\Public\Desktop\NHL™ 09.lnk
[2012/05/22 15:14:39 | 000,001,110 | ---- | M] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2012/05/21 14:48:02 | 000,483,982 | ---- | M] () -- C:\Users\Marek\Desktop\2012-05-21_14.43.49.png
[2012/05/19 21:23:50 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/19 09:39:39 | 000,309,155 | ---- | M] () -- C:\Users\Marek\Desktop\2012-05-19_09.34.01.png
[2012/05/18 18:44:18 | 000,000,676 | ---- | M] () -- C:\Users\Marek\Desktop\Mount&Blade With Fire and Sword.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/23 09:42:52 | 000,001,583 | ---- | C] () -- C:\Users\Public\Desktop\NHL™ 09.lnk
[2012/05/22 15:14:39 | 000,001,110 | ---- | C] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2012/05/21 14:46:08 | 000,483,982 | ---- | C] () -- C:\Users\Marek\Desktop\2012-05-21_14.43.49.png
[2012/05/19 20:41:17 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/19 09:34:01 | 000,309,155 | ---- | C] () -- C:\Users\Marek\Desktop\2012-05-19_09.34.01.png
[2012/05/18 18:44:18 | 000,000,676 | ---- | C] () -- C:\Users\Marek\Desktop\Mount&Blade With Fire and Sword.lnk
[2012/05/14 19:28:59 | 000,000,004 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\steam_md5.dat
[2012/05/13 19:12:32 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/05/13 19:12:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2012/05/13 19:12:32 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2012/03/30 17:48:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\0661d493baa9fb77c9aff2360e5dfb75_c
[2012/03/14 18:47:28 | 000,315,392 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\met0ri.exe
[2012/03/04 09:43:59 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/02/29 15:41:45 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012/02/29 15:41:45 | 000,026,484 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/28 16:51:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/10/16 11:32:44 | 000,003,400 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/10/08 14:28:07 | 000,472,576 | ---- | C] () -- C:\Windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2011/10/04 18:12:27 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2011/10/01 11:02:15 | 000,040,448 | ---- | C] () -- C:\Windows\SysWow64\trial_setup.exe
[2011/10/01 11:02:15 | 000,000,777 | ---- | C] () -- C:\Windows\SysWow64\trial_setup.ini
[2011/09/23 17:07:57 | 000,126,976 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\chrtmp
[2011/09/14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/08/13 07:47:46 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/07/19 19:18:06 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/12 21:03:49 | 000,045,286 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\room_v3.dat
[2011/06/17 16:41:20 | 000,007,606 | ---- | C] () -- C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
[2011/06/11 18:11:37 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/11 18:11:35 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/06/09 17:43:07 | 000,128,512 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2011/06/04 10:12:13 | 000,109,248 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\MSWINSCK.OCX
[2011/05/15 15:22:05 | 000,166,468 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\data.dat
[2011/05/05 15:03:01 | 000,164,665 | ---- | C] () -- C:\Windows\hpoins27.dat
[2011/05/05 15:03:01 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2011/05/01 18:32:24 | 000,021,520 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2011/04/30 09:16:04 | 000,000,565 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\myMPQ.ini
[2011/04/27 17:55:37 | 000,046,742 | ---- | C] () -- C:\Users\Marek\AppData\Roaming\room.dat
[2011/04/26 16:42:23 | 000,911,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/25 19:23:21 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/12/22 03:16:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/22 03:13:37 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/22 03:08:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== LOP Check ==========

[2012/02/25 19:04:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit minecraft
[2012/05/24 15:18:12 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft_xray
[2012/04/01 09:36:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.Nitrous
[2012/03/31 13:17:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.platinum
[2012/04/19 17:52:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.techniclauncher
[2012/03/15 20:15:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\8BallRuler
[2012/02/04 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\AdventureCraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Asus WebStorage
[2011/08/09 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Audacity
[2012/02/11 10:04:18 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Babylon
[2012/03/03 09:11:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Complitly
[2011/04/29 14:46:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
[2012/05/01 07:40:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\dclogs
[2011/09/09 13:46:21 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\EeeStorageUploader
[2011/08/20 16:04:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\eType
[2011/10/17 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\FileZilla
[2012/01/14 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Free Sound Recorder
[2012/02/04 18:10:41 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GameRanger
[2012/03/02 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GarenaPlus
[2012/02/28 21:11:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GetRightToGo
[2011/10/17 15:44:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GHISLER
[2011/08/24 16:50:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\go
[2012/01/21 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC
[2012/01/21 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/11/03 21:51:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\IceCold, Inc
[2012/04/12 14:00:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ
[2012/03/26 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ Search
[2011/05/21 15:50:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ImgBurn
[2011/09/30 14:51:23 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Imperium Romanum
[2011/05/01 13:31:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Leadertech
[2011/07/13 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\LolClient
[2012/04/12 16:37:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MAXON
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MinecraftServer
[2012/05/18 18:49:54 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mount&Blade With Fire and Sword
[2011/08/11 14:29:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Need for Speed World
[2011/08/13 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\OpenCandy
[2011/09/07 13:34:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Opera
[2012/04/13 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\PFStaticIP
[2006/03/17 10:58:49 | 000,000,000 | RHSD | M] -- C:\Users\Marek\AppData\Roaming\ps9876z0987fx
[2011/08/20 20:13:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Publish Providers
[2011/10/16 17:32:52 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\pymclevel
[2012/02/17 19:33:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Rovio
[2012/04/26 17:34:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\runic games
[2011/08/19 12:35:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Screaming Bee
[2011/05/14 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SFBot
[2011/10/01 16:09:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sierra
[2012/03/22 09:44:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Simple Star
[2012/02/28 21:12:16 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SmartPCTools
[2012/05/23 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SoftGrid Client
[2012/03/09 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony
[2011/08/21 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony Creative Software
[2012/03/02 19:34:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SPORE
[2011/06/26 09:37:32 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TeamViewer
[2011/04/26 16:44:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TP
[2012/05/11 16:38:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Tropico 3
[2012/05/03 14:36:14 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TS3Client
[2012/03/20 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TuneUp Software
[2012/04/01 12:54:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TunkDesign Inc
[2012/02/01 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\twinstar_launcher
[2011/11/27 15:11:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ubisoft
[2011/10/23 19:32:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Unity
[2012/03/09 17:18:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\VS Revo Group
[2011/10/08 08:17:54 | 000,000,000 | ---D | M] -- C:\Users\Marek PC\AppData\Roaming\Opera
[2012/05/23 17:00:01 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/03/09 14:01:17 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2012/05/05 12:34:22 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/12/22 02:37:09 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/12/22 02:21:25 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/12/22 02:37:09 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/12/22 02:21:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/12/22 02:37:09 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/12/22 02:21:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/12/22 02:37:09 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/12/22 02:21:25 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/12/22 03:02:48 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/04/09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010/12/22 03:02:48 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010/04/09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/02/25 19:04:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit minecraft
[2012/05/24 15:18:12 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft_xray
[2012/04/01 09:36:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.Nitrous
[2012/03/31 13:17:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.platinum
[2012/04/19 17:52:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.techniclauncher
[2012/03/15 20:15:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\8BallRuler
[2012/04/26 20:40:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Adobe
[2012/02/04 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\AdventureCraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Asus WebStorage
[2011/04/25 15:49:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ATI
[2011/08/09 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Audacity
[2012/02/11 10:04:18 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Babylon
[2012/03/03 09:11:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Complitly
[2011/04/28 17:12:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\CyberLink
[2011/04/29 14:46:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
[2012/05/01 07:40:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\dclogs
[2012/02/01 20:40:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DivX
[2012/03/09 21:05:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\dvdcss
[2011/09/09 13:46:21 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\EeeStorageUploader
[2011/08/20 16:04:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\eType
[2011/10/17 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\FileZilla
[2012/01/14 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Free Sound Recorder
[2012/02/04 18:10:41 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GameRanger
[2012/03/02 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GarenaPlus
[2012/02/28 21:11:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GetRightToGo
[2011/10/17 15:44:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GHISLER
[2011/08/24 16:50:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\go
[2012/05/24 15:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Google
[2011/08/21 07:34:54 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GRETECH
[2012/05/22 18:06:12 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Hamachi
[2011/05/23 18:47:13 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HP
[2012/01/21 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC
[2012/01/21 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/11/03 21:51:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\IceCold, Inc
[2012/04/12 14:00:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ
[2012/03/26 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ Search
[2011/06/26 16:51:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Identities
[2011/05/21 15:50:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ImgBurn
[2011/09/30 14:51:23 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Imperium Romanum
[2011/05/01 13:31:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Leadertech
[2011/07/13 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\LolClient
[2011/04/25 19:17:48 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Macromedia
[2012/04/12 16:37:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MAXON
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Media Center Programs
[2012/01/07 16:07:39 | 000,000,000 | --SD | M] -- C:\Users\Marek\AppData\Roaming\Microsoft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MinecraftServer
[2012/05/18 18:49:54 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/01/13 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mozilla
[2011/08/11 14:29:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Need for Speed World
[2011/08/13 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\OpenCandy
[2011/09/07 13:34:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Opera
[2012/04/13 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\PFStaticIP
[2006/03/17 10:58:49 | 000,000,000 | RHSD | M] -- C:\Users\Marek\AppData\Roaming\ps9876z0987fx
[2011/08/20 20:13:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Publish Providers
[2011/10/16 17:32:52 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\pymclevel
[2012/02/17 19:33:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Rovio
[2012/04/26 17:34:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\runic games
[2011/08/19 12:35:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Screaming Bee
[2012/05/20 14:28:34 | 000,000,000 | RH-D | M] -- C:\Users\Marek\AppData\Roaming\SecuROM
[2011/05/14 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SFBot
[2011/10/01 16:09:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sierra
[2012/03/22 09:44:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Simple Star
[2012/05/24 15:42:23 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Skype
[2011/05/29 09:22:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\skypePM
[2012/02/28 21:12:16 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SmartPCTools
[2012/05/23 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SoftGrid Client
[2012/03/09 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony
[2011/08/21 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony Creative Software
[2012/03/02 19:34:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SPORE
[2012/01/18 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sun
[2011/06/26 09:37:32 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TeamViewer
[2011/04/26 16:44:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TP
[2012/05/11 16:38:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Tropico 3
[2012/05/03 14:36:14 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TS3Client
[2012/03/20 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TuneUp Software
[2012/04/01 12:54:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TunkDesign Inc
[2012/02/01 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\twinstar_launcher
[2011/11/27 15:11:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ubisoft
[2011/10/23 19:32:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Unity
[2011/08/10 18:47:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ventrilo
[2012/03/31 15:23:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\vlc
[2012/03/09 17:18:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\VS Revo Group
[2011/05/07 21:28:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Winamp
[2011/04/26 12:59:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012/03/14 18:47:28 | 000,315,392 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\met0ri.exe
[2011/05/06 01:32:38 | 000,027,648 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\.minecraft\AdventureCraft\AdventureCraft.exe
[2011/05/06 01:32:38 | 000,027,648 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\AdventureCraft\AdventureCraft.exe
[2011/10/02 07:11:48 | 015,960,536 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\Marek\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.108.222.exe
[2012/02/02 10:01:30 | 000,091,128 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2012/02/02 10:01:30 | 000,091,128 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2012/03/25 13:08:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- C:\Users\Marek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2012/01/21 10:11:50 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marek\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/04/10 14:31:30 | 000,242,376 | ---- | M] (MAXON Computer GmbH) -- C:\Users\Marek\AppData\Roaming\MAXON\bin_A22BE761\updates\MAXON Installer Help.exe
[2012/04/10 14:31:29 | 000,287,432 | ---- | M] (MAXON Computer GmbH) -- C:\Users\Marek\AppData\Roaming\MAXON\bin_A22BE761\updates\MAXON Installer.exe
[2011/06/30 11:46:02 | 000,010,134 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\ARPPRODUCTICON.exe
[2011/06/30 11:46:03 | 000,008,854 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\UNINST_Uninstall_G_0CE1A6C0F3F749E68F9D2431F9827441_1.exe
[2012/03/22 11:07:53 | 000,003,584 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2012/03/05 16:06:41 | 000,005,120 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2012/03/11 11:57:55 | 000,010,134 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/08/28 20:25:58 | 000,025,600 | ---- | M] (Microsoft) -- C:\Users\Marek\AppData\Roaming\Microsoft\My\1.0.0.0\Start Menu\Programs\Startup\WindowsRegsX86.exe
[2011/05/07 21:24:06 | 000,009,010 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\OpenCandy\OpenCandy_48225A262A1B4BD7B204DBACEFE0CF96\LatestDLMgr.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012/05/23 17:00:01 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/03/09 14:01:17 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\RegCure.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/05/22 15:14:39 | 000,001,110 | ---- | M] () -- C:\Windows\system32\ealregsnapshot1.reg
[2012/05/23 15:51:05 | 000,911,928 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012/05/24 13:42:53 | 000,119,296 | ---- | M] () -- C:\Windows\system32\zlib.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/12/22 02:37:09 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/12/22 02:21:25 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/12/22 02:37:09 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/12/22 02:21:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/12/22 02:37:09 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/12/22 02:21:25 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/12/22 02:37:09 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/12/22 02:21:25 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/12/22 03:02:48 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/04/09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2010/12/22 03:02:48 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010/04/09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010/12/22 02:37:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

farren · #9 Příspěvek od **farren** » 24 kvě 2012 15:26

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/02/25 19:04:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.craftbukkit minecraft
[2012/05/24 15:18:12 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.minecraft_xray
[2012/04/01 09:36:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.Nitrous
[2012/03/31 13:17:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.platinum
[2012/04/19 17:52:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\.techniclauncher
[2012/03/15 20:15:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\8BallRuler
[2012/04/26 20:40:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Adobe
[2012/02/04 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\AdventureCraft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Asus WebStorage
[2011/04/25 15:49:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ATI
[2011/08/09 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Audacity
[2012/02/11 10:04:18 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Babylon
[2012/03/03 09:11:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Complitly
[2011/04/28 17:12:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\CyberLink
[2011/04/29 14:46:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
[2012/05/01 07:40:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\dclogs
[2012/02/01 20:40:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DivX
[2012/03/09 21:05:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\dvdcss
[2011/09/09 13:46:21 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\EeeStorageUploader
[2011/08/20 16:04:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\eType
[2011/10/17 15:57:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\FileZilla
[2012/01/14 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Free Sound Recorder
[2012/02/04 18:10:41 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GameRanger
[2012/03/02 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GarenaPlus
[2012/02/28 21:11:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GetRightToGo
[2011/10/17 15:44:29 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GHISLER
[2011/08/24 16:50:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\go
[2012/05/24 15:44:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Google
[2011/08/21 07:34:54 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\GRETECH
[2012/05/22 18:06:12 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Hamachi
[2011/05/23 18:47:13 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HP
[2012/01/21 10:14:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC
[2012/01/21 10:14:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/11/03 21:51:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\IceCold, Inc
[2012/04/12 14:00:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ
[2012/03/26 19:44:31 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ICQ Search
[2011/06/26 16:51:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Identities
[2011/05/21 15:50:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ImgBurn
[2011/09/30 14:51:23 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Imperium Romanum
[2011/05/01 13:31:30 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Leadertech
[2011/07/13 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\LolClient
[2011/04/25 19:17:48 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Macromedia
[2012/04/12 16:37:46 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MAXON
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Media Center Programs
[2012/01/07 16:07:39 | 000,000,000 | --SD | M] -- C:\Users\Marek\AppData\Roaming\Microsoft
[2012/02/11 16:02:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MinecraftServer
[2012/05/18 18:49:54 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/01/13 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mozilla
[2011/08/11 14:29:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Need for Speed World
[2011/08/13 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\OpenCandy
[2011/09/07 13:34:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Opera
[2012/04/13 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\PFStaticIP
[2006/03/17 10:58:49 | 000,000,000 | RHSD | M] -- C:\Users\Marek\AppData\Roaming\ps9876z0987fx
[2011/08/20 20:13:35 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Publish Providers
[2011/10/16 17:32:52 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\pymclevel
[2012/02/17 19:33:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Rovio
[2012/04/26 17:34:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\runic games
[2011/08/19 12:35:42 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Screaming Bee
[2012/05/20 14:28:34 | 000,000,000 | RH-D | M] -- C:\Users\Marek\AppData\Roaming\SecuROM
[2011/05/14 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SFBot
[2011/10/01 16:09:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sierra
[2012/03/22 09:44:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Simple Star
[2012/05/24 15:42:23 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Skype
[2011/05/29 09:22:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\skypePM
[2012/02/28 21:12:16 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SmartPCTools
[2012/05/23 19:17:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SoftGrid Client
[2012/03/09 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony
[2011/08/21 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sony Creative Software
[2012/03/02 19:34:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SPORE
[2012/01/18 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Sun
[2011/06/26 09:37:32 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TeamViewer
[2011/04/26 16:44:07 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TP
[2012/05/11 16:38:28 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Tropico 3
[2012/05/03 14:36:14 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TS3Client
[2012/03/20 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TuneUp Software
[2012/04/01 12:54:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TunkDesign Inc
[2012/02/01 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\twinstar_launcher
[2011/11/27 15:11:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ubisoft
[2011/10/23 19:32:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Unity
[2011/08/10 18:47:40 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Ventrilo
[2012/03/31 15:23:38 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\vlc
[2012/03/09 17:18:08 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\VS Revo Group
[2011/05/07 21:28:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Winamp
[2011/04/26 12:59:58 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012/03/14 18:47:28 | 000,315,392 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\met0ri.exe
[2011/05/06 01:32:38 | 000,027,648 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\.minecraft\AdventureCraft\AdventureCraft.exe
[2011/05/06 01:32:38 | 000,027,648 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\AdventureCraft\AdventureCraft.exe
[2011/10/02 07:11:48 | 015,960,536 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\Marek\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.108.222.exe
[2012/02/02 10:01:30 | 000,091,128 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Complitly\KeepMeUpdated.exe
[2012/02/02 10:01:30 | 000,091,128 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
[2012/03/25 13:08:13 | 001,273,568 | ---- | M] (GameRanger Technologies) -- C:\Users\Marek\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2012/01/21 10:11:50 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marek\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/04/10 14:31:30 | 000,242,376 | ---- | M] (MAXON Computer GmbH) -- C:\Users\Marek\AppData\Roaming\MAXON\bin_A22BE761\updates\MAXON Installer Help.exe
[2012/04/10 14:31:29 | 000,287,432 | ---- | M] (MAXON Computer GmbH) -- C:\Users\Marek\AppData\Roaming\MAXON\bin_A22BE761\updates\MAXON Installer.exe
[2011/06/30 11:46:02 | 000,010,134 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\ARPPRODUCTICON.exe
[2011/06/30 11:46:03 | 000,008,854 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}\UNINST_Uninstall_G_0CE1A6C0F3F749E68F9D2431F9827441_1.exe
[2012/03/22 11:07:53 | 000,003,584 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2012/03/05 16:06:41 | 000,005,120 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2012/03/11 11:57:55 | 000,010,134 | R--- | M] () -- C:\Users\Marek\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/08/28 20:25:58 | 000,025,600 | ---- | M] (Microsoft) -- C:\Users\Marek\AppData\Roaming\Microsoft\My\1.0.0.0\Start Menu\Programs\Startup\WindowsRegsX86.exe
[2011/05/07 21:24:06 | 000,009,010 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\OpenCandy\OpenCandy_48225A262A1B4BD7B204DBACEFE0CF96\LatestDLMgr.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012/05/23 17:00:01 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/03/09 14:01:17 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\RegCure.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/05/22 15:14:39 | 000,001,110 | ---- | M] () -- C:\Windows\system32\ealregsnapshot1.reg
[2012/05/23 15:51:05 | 000,911,928 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012/05/24 13:42:53 | 000,119,296 | ---- | M] () -- C:\Windows\system32\zlib.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "D:\Steam\steam.exe" -silent -- [2012/04/15 19:26:06 | 001,242,448 | ---- | M] (Valve Corporation)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011/06/21 07:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=A3AB0A260049BE22AB52E302D9220A92 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012/02/28 20:37:13 | 000,949,104 | ---- | M] (Opera Software) MD5=CC7001E619906A0FF78C162A0A39D5B7 -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/05/24 15:58:48 | 000,000,512 | ---- | M] () MD5=697FE5D5F8F6C594432EA117B4BFE546 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2011/08/25 12:46:27 | 000,019,073 | ---- | M] () -- \Users\Marek\AppData\Roaming\Adobe\Bridge CS4\Cache\1024\Image%207B375D64\Cracked Tiles.ffx.jpg
[2011/08/25 12:46:27 | 000,019,073 | ---- | M] () -- \Users\Marek\AppData\Roaming\Adobe\Bridge CS4\Cache\256\Image%207B375D64\Cracked Tiles.ffx.jpg
[2011/06/11 18:13:36 | 000,015,488 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrack.cfx
[2011/06/11 18:13:38 | 000,015,476 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2011/06/11 18:13:38 | 000,015,896 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2011/06/11 18:13:39 | 000,016,572 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/11 18:13:40 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2011/06/11 18:13:39 | 000,016,152 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2011/06/11 18:13:36 | 000,015,908 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2011/06/11 18:13:37 | 000,016,584 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2011/06/11 18:13:38 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2011/06/11 18:13:37 | 000,016,164 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2011/06/11 18:13:36 | 000,015,708 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2011/06/11 18:13:38 | 000,015,696 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2011/06/11 18:13:38 | 000,016,116 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2011/06/11 18:13:39 | 000,016,792 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/11 18:13:40 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2011/06/11 18:13:39 | 000,016,372 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2011/06/11 18:13:36 | 000,016,128 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2011/06/11 18:13:37 | 000,016,804 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2011/06/11 18:13:38 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2011/06/11 18:13:37 | 000,016,384 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225129_4\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2011/06/15 17:25:05 | 000,015,488 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrack.cfx
[2011/06/15 17:25:08 | 000,015,476 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2011/06/15 17:25:08 | 000,015,896 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2011/06/15 17:25:09 | 000,016,572 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/15 17:25:10 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2011/06/15 17:25:09 | 000,016,152 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2011/06/15 17:25:05 | 000,015,908 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2011/06/15 17:25:06 | 000,016,584 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2011/06/15 17:25:07 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2011/06/15 17:25:06 | 000,016,164 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2011/06/15 17:25:05 | 000,015,708 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2011/06/15 17:25:08 | 000,015,696 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2011/06/15 17:25:08 | 000,016,116 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2011/06/15 17:25:09 | 000,016,792 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/15 17:25:10 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2011/06/15 17:25:09 | 000,016,372 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2011/06/15 17:25:05 | 000,016,128 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2011/06/15 17:25:07 | 000,016,804 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2011/06/15 17:25:07 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2011/06/15 17:25:07 | 000,016,384 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225359_4\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2011/06/16 15:02:42 | 000,015,488 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrack.cfx
[2011/06/16 15:02:45 | 000,015,476 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2011/06/16 15:02:45 | 000,015,896 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2011/06/16 15:02:46 | 000,016,572 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/16 15:02:46 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2011/06/16 15:02:46 | 000,016,152 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2011/06/16 15:02:42 | 000,015,908 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2011/06/16 15:02:43 | 000,016,584 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2011/06/16 15:02:44 | 000,015,232 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2011/06/16 15:02:43 | 000,016,164 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2011/06/16 15:02:42 | 000,015,708 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2011/06/16 15:02:45 | 000,015,696 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2011/06/16 15:02:45 | 000,016,116 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2011/06/16 15:02:46 | 000,016,792 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2011/06/16 15:02:46 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2011/06/16 15:02:46 | 000,016,372 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2011/06/16 15:02:42 | 000,016,128 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2011/06/16 15:02:43 | 000,016,804 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2011/06/16 15:02:44 | 000,015,452 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2011/06/16 15:02:43 | 000,016,384 | ---- | M] () -- \Users\Marek\Documents\Battlefield Play4Free\mods\main\cache\{D7B71EE2-D452-11CF-FF77-683BBEC2C535}_225507_4\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx

< *keygen* /s >
[2007/01/14 12:00:00 | 000,241,664 | ---- | M] () -- \FLEXLM\awkeygen.exe

< *loader* /s >
[2008/08/28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010/03/09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010/03/09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010/03/09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010/03/09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010/03/27 05:03:20 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\AIK2.0\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\events\DownloadErrorEvent.as
[2010/03/27 05:03:20 | 000,006,153 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\AIK2.0\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\net\FileDownloader.as
[2010/03/27 05:03:20 | 000,007,955 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\AIK2.0\frameworks\projects\air\ApplicationUpdater\src\ApplicationUpdater\air\update\ui\EmbeddedUILoader.as
[2010/03/27 04:58:40 | 000,015,989 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\Configuration\ActionScript 3.0\projects\Flash\src\fl\rsl\RSLPreloader.as
[2010/03/27 05:01:58 | 000,010,604 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\Configuration\ActionScript 3.0\rsls\loader_animation.fla
[2010/03/27 05:01:58 | 000,001,253 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\Configuration\ActionScript 3.0\rsls\loader_animation.swf
[2010/03/27 04:58:40 | 000,027,153 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\Configuration\Component Source\ActionScript 3.0\User Interface\fl\containers\UILoader.as
[2010/03/27 04:58:40 | 000,044,966 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\Configuration\Components\User Interface\Loader.swc
[2010/03/27 04:58:46 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\First Run\Classes\FP7\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,000,544 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\First Run\Classes\FP8\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,000,576 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\First Run\Classes\FP9\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,010,454 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\Common\First Run\Classes\mx\controls\Loader.as
[2010/03/27 04:57:46 | 000,032,362 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\en_US\Configuration\Templates\Sample Files\Preloader for External File.fla
[2010/03/27 04:57:46 | 000,036,356 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Flash CS5\en_US\Configuration\Templates\Sample Files\Preloader for SWF.fla
[2010/03/16 03:48:38 | 000,079,184 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
[2008/08/14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2011/11/05 13:27:45 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2003/04/11 14:45:42 | 000,348,160 | ---- | M] () -- \Program Files (x86)\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2012/02/22 13:09:04 | 000,038,400 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2012/02/22 10:52:16 | 002,609,664 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2009/05/21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009/09/20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/09/20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2011/12/20 14:32:00 | 000,634,880 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
[2011/12/20 14:32:00 | 000,000,151 | ---- | M] () -- \Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.ini
[2010/11/30 00:32:34 | 000,170,288 | ---- | M] () -- \Program Files (x86)\Cheat Engine 6.1\Kernelmoduleunloader.exe
[2012/03/26 19:43:36 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/03/26 19:43:37 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/03/26 19:43:36 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/03/26 19:43:52 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012/03/28 19:03:32 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\rps\preloader02.swf
[2012/03/26 19:55:22 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012/01/24 16:50:21 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\warsheep\preloader02.swf
[2012/01/24 16:50:21 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010/03/05 05:55:00 | 000,488,144 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5\MXF_SDK_MetaMetadata_BinaryLoader_r.4.2.2.319.dll
[2010/03/05 05:55:04 | 000,900,304 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5\MXF_SDK_MetaMetadata_XSDLoader2_r.4.2.2.319.dll
[2010/03/05 05:55:08 | 000,789,200 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS5\MXF_SDK_MetaMetadata_XSDLoader_r.4.2.2.319.dll
[2012/02/28 20:56:57 | 000,007,664 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\demo\jvmti\hprof\src\hprof_loader.c
[2012/02/28 20:56:57 | 000,002,141 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\demo\jvmti\hprof\src\hprof_loader.h
[2012/02/28 20:56:24 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012/02/28 20:56:25 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012/02/28 20:56:27 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012/02/28 20:56:26 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012/02/28 20:56:26 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012/02/28 20:56:27 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.6.0_31\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2011/08/11 14:22:41 | 000,004,068 | ---- | M] () -- \ProgramData\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2012/02/29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2011/10/16 12:45:15 | 000,003,487 | ---- | M] () -- \Sandbox\Marek\gunrox\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GABPKICH\loader[6].htm
[2011/10/16 12:44:04 | 000,003,487 | ---- | M] () -- \Sandbox\Marek\gunrox\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NNA3BFWD\loader[1].htm
[2011/10/16 11:38:46 | 000,003,487 | ---- | M] () -- \Sandbox\Marek\gunrox\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XJZF3WMA\loader[5].htm
[2011/10/16 11:38:24 | 000,003,487 | ---- | M] () -- \Sandbox\Marek\gunrox\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5HK4KJY\loader[1].htm
[2011/10/16 19:11:07 | 000,003,487 | ---- | M] () -- \Sandbox\Marek\gunrox\user\current\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5HK4KJY\loader[2].htm
[2011/08/11 14:22:41 | 000,004,068 | ---- | M] () -- \Users\All Users\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2012/02/29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/02/29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010/03/27 04:58:46 | 000,000,544 | ---- | M] () -- \Users\Marek\AppData\Local\Adobe\Flash CS5\en_US\Configuration\Classes\FP7\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,000,544 | ---- | M] () -- \Users\Marek\AppData\Local\Adobe\Flash CS5\en_US\Configuration\Classes\FP8\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,000,576 | ---- | M] () -- \Users\Marek\AppData\Local\Adobe\Flash CS5\en_US\Configuration\Classes\FP9\MovieClipLoader.as
[2010/03/27 04:58:46 | 000,010,454 | ---- | M] () -- \Users\Marek\AppData\Local\Adobe\Flash CS5\en_US\Configuration\Classes\mx\controls\Loader.as
[2012/05/06 10:32:33 | 000,000,673 | ---- | M] () -- \Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.7.1_0\Media\ajax-loader.gif
[2009/07/05 14:41:54 | 000,009,216 | ---- | M] () -- \Users\Marek\AppData\Local\MCEdit-64bit\MCEditData\_win32sysloader.pyd
[2012/05/17 19:33:19 | 000,008,438 | ---- | M] () -- \Users\Marek\AppData\Roaming\.minecraft\ModLoader.txt
[2012/01/19 16:23:21 | 000,001,260 | ---- | M] () -- \Users\Marek\AppData\Roaming\.minecraft\ModLoader.txt.1
[2012/01/19 16:23:20 | 000,000,000 | ---- | M] () -- \Users\Marek\AppData\Roaming\.minecraft\ModLoader.txt.1.lck
[2012/05/17 19:33:17 | 000,000,137 | ---- | M] () -- \Users\Marek\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2011/07/29 11:24:02 | 000,000,000 | ---- | M] () -- \Users\Marek\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_GPU_Z.data
[2012/02/28 21:11:15 | 000,000,000 | ---- | M] () -- \Users\Marek\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_Registry_Fix_Tool_For_Windows (1).data
[2012/01/11 13:44:22 | 000,010,144 | ---- | M] () -- \Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\conduitCommon\modules\3.9.0.3\ExternalLibraryLoader.jsm
[2012/04/18 00:39:24 | 000,010,145 | ---- | M] () -- \Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2012/01/11 13:44:22 | 000,010,144 | ---- | M] () -- \Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2012/01/09 15:13:44 | 000,002,485 | ---- | M] () -- \Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com\content\loader.xul
[2012/04/30 11:35:08 | 000,010,145 | ---- | M] () -- \Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\staged\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2011/11/05 13:27:39 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enUS-tools-downloader.exe
[2011/05/15 08:39:18 | 002,067,706 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2011/11/05 10:11:05 | 000,009,494 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2012/03/31 12:22:09 | 000,446,464 | ---- | M] () -- \Windows\NEXON_EU_DownloaderUpdater.exe
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/04/03 13:39:20 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/04/03 13:39:20 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/04/28 10:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/04/28 10:09:57 | 000,640,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.efi_75834aa0
[2011/04/28 10:09:57 | 000,603,976 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winload.exe_75835076
[2011/04/28 10:09:57 | 000,556,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.efi_85cd069f
[2011/04/28 10:09:57 | 000,518,160 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:ECF54A0E

< End of report >

farren · #10 Příspěvek od **farren** » 24 kvě 2012 15:27

Extras log

OTL Extras logfile created on: 24. 5. 2012 15:56:13 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Marek\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,75 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 60,96% Memory free
7,49 Gb Paging File | 5,99 Gb Available in Paging File | 79,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 39,16 Gb Free Space | 33,63% Space Free | Partition Type: NTFS
Drive D: | 327,83 Gb Total Space | 73,14 Gb Free Space | 22,31% Space Free | Partition Type: NTFS

Computer Name: MAREK-PC | User Name: Marek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.reg [@ = regfile] -- regedit.exe "%1"

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B9129C9-4EE6-49A9-A919-81E476C990C5}" = lport=138 | protocol=17 | dir=in | app=system |
"{2B4797AA-630C-477C-A051-44574096A3BA}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C484624-B2E6-4A67-8E43-4F2D7D16C274}" = rport=138 | protocol=17 | dir=out | app=system |
"{2ED73649-077B-4F81-806F-13A770639993}" = lport=10243 | protocol=6 | dir=in | app=system |
"{306DAAD4-4B62-4E53-B234-070D598001DE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{417235EC-8640-42C7-B03A-AE58B290F8B0}" = rport=137 | protocol=17 | dir=out | app=system |
"{4635C7ED-A14A-42CA-9AEE-B325142EE4D1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{478FF34F-2C54-45D3-B834-E18AE204EDEB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5767831F-C0E7-43DE-B664-DF12E99EC657}" = lport=445 | protocol=6 | dir=in | app=system |
"{6371A164-CE4D-42BB-BCA6-850A6AD2E816}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63A00B29-7E73-456B-86EB-3B6552A9A4D9}" = rport=445 | protocol=6 | dir=out | app=system |
"{653E3092-A5FF-4A95-943E-E9C1999C9129}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{908822F5-5E82-47B3-A6D6-9898D1A7CBD5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9E7D3405-DE78-4951-A5E1-182DB41B76E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A376C203-7224-4A66-AB6F-E0C9909D3BB2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A417688D-4031-45F6-A6FC-02682849AE5D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B50C8B4A-2099-4676-83D5-81FA42E806C7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9524E20-7F7F-42D1-B9A4-C68C3A475DBB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BA18EC70-20BD-420E-9704-5DAFBCCABB04}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{BD4D0F0D-B9E1-431B-9328-A42669A2E793}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CED979FB-E7D7-4959-91A1-29E5178BAFEC}" = lport=137 | protocol=17 | dir=in | app=system |
"{CFAE9535-1597-4298-A459-F5BEF2D726AD}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{D0C2ED1C-1055-4CD1-9303-8B7EAF69FB0E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DE60B44E-EAE5-4DC7-9078-DC659703F79B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F0ACB83F-1ACA-423B-BAD4-8F6F99C7AC82}" = rport=139 | protocol=6 | dir=out | app=system |
"{F6A2ACB1-BCC8-49C0-BFE3-BFA973EB077C}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{F7F3A0BD-7326-43FD-B0AB-A42E73FCC3D1}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{FBA287E2-31E0-47FB-AFAC-B2D218548A79}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FE9C26DE-5B7A-409E-874B-72D4A4D0F891}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001007D5-F0EA-4B7B-8B84-F63A8BF8C318}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{00380D54-E19A-4EFB-AAB1-107BBA23FFA3}" = protocol=58 | dir=in | app=system |
"{01AA2712-7CE3-4EBA-875F-BA4594EDDD1B}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\counter-strike\hl.exe |
"{09E6CEF4-799D-4A61-96B6-7B609BC1E691}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{0C2A4687-484B-498E-8262-60DE608CE966}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{16707ECE-A6C9-4A09-B51F-CC087361422C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{19FD2CE9-D0D6-44CB-B82E-F82CBC858D9E}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii\diablo iii.exe |
"{1B3DA552-5312-4E1C-952D-D6162E2118E7}" = protocol=17 | dir=in | app=d:\diablo 3 beta\diablo iii beta\diablo iii.exe |
"{1B9358FE-7CFF-49FB-B646-F01ED587DFE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{1F4376DE-E0DC-41C6-82E6-531EF9EBFAF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{20977C3E-5360-480F-8539-70AA4542ADC5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{22969576-7ECA-4635-9322-C598AF97064A}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{22DECF49-BF22-4F42-86FB-1D7A2D1500D3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{246CCFC6-91DC-4F1D-A955-F73E674FDA93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24ED7D15-5891-4753-9653-D5FA922B08E4}" = protocol=17 | dir=in | app=d:\hry\age of empires iii\age3.exe |
"{2BB384C6-B27E-492D-8979-819B6AB24127}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{2C64D91B-8F9D-4D38-B67E-60AD6F5AB828}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2EAFEAEA-6F57-4835-89F1-7985BB425458}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2FE70646-E7AA-4AE1-B8D5-DBB1C6A9170E}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\garry's mod beta\hl2.exe |
"{30CF214A-BBAC-459D-AE85-6300AB5AFEFF}" = protocol=6 | dir=in | app=d:\age of empires online\spartan.exe |
"{34F66839-E312-4523-AFE9-BDC436AC8690}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{37E94DF2-1238-43B5-8BDA-62C95510FED1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AFD728A-2204-42F3-B083-7BE851074E1F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3C7BE421-C2D1-48B7-B667-B8A1991DFB9C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{3D23640C-AB4F-4F7F-8388-636EF9EE40E7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{43276ED9-5A4C-4735-BCE3-905DDAF1263C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{463345E2-6003-4C13-8858-9D304DED8CED}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{48FF9C84-A33D-4EAE-A011-68CB9ACCB891}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C565F7F-9771-4A78-BEFA-67233C129E71}" = protocol=6 | dir=in | app=d:\hry\steam\steam.exe |
"{4EC8C13B-C48A-47A2-96F9-B8F966052181}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{50329D3B-C5A0-4703-812A-49A0E6580A0B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{508A23B2-30D0-4AA8-B581-76EDD222EFB4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{52A9E05F-3D0B-4372-B43F-5718C9F5D1F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{54924199-E20B-4C26-A80B-021ADBDC1414}" = protocol=6 | dir=in | app=d:\diablo 3 beta\diablo iii beta\diablo iii.exe |
"{54FDBFC6-8EFF-4831-BE95-B71DE8CC2503}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{563B316B-B7BD-4F88-97E3-3904023ED806}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{5641D7BC-3B79-4AD4-9333-EFA2F8D9EF43}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5929D9A0-B100-4A37-8866-E09BC624CBDC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5FD7DB16-BDBF-43E3-B071-BF2F75172753}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61978ADF-A598-439B-A997-831D1F2E36CC}" = protocol=17 | dir=in | app=d:\hry\bad company 2\bfbc2updater.exe |
"{646059D3-CEB2-4229-BEC6-B0EF14FB12BB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{6F1F00B8-1AE3-4374-AB90-1C50B78B8614}" = protocol=6 | dir=in | app=d:\hry\age of empires iii\age3.exe |
"{7057B42A-748E-4561-9E11-8195A58DAEC1}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\counter-strike\hl.exe |
"{72854BF3-2CDF-4054-BE8C-CE8D74789F34}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\garry's mod beta\hl2.exe |
"{73950047-8032-4384-99D3-CBA49A3AE08C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{75AF6482-B47B-43FA-9A59-D050F7952FAD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7AFF9952-B2A0-4F20-A3B1-F7A7FE73993B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7E970794-2ED7-46B6-8255-C2E78151B89B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7E990A88-11FD-4423-8E7D-22BC0EA458B3}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{7F94469F-E8FC-405A-B83D-A77921684002}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{818009F4-EF78-482A-AA47-CC21DCD91E9A}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{81CADCF0-0780-400C-A282-F79CC3AA4E83}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{8551D939-54E9-468C-8724-EA9DA95FFB59}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85C1E5EA-0B64-4D92-9C54-627505B535EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{85CD69B4-5DEA-4897-9AB0-77311AE57D30}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{86F25F78-E40C-4121-B3AD-F53CD3BC52C4}" = protocol=17 | dir=in | app=c:\users\marek\appdata\local\akamai\netsession_win.exe |
"{8C2E921C-2B0E-4DEF-B1B1-93D755728827}" = protocol=6 | dir=in | app=d:\hry\bad company 2\bfbc2updater.exe |
"{8D2CC833-30AD-4C4B-85ED-32AAFC4835AD}" = protocol=6 | dir=out | app=system |
"{914E6BB2-DD40-490F-BBD3-EB7E25E1D3D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{977A73DD-04DD-4437-9A44-970E8F19EE47}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{9B6D8576-E1BB-46E8-9819-5CBC0B757904}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9DC8C617-C56F-4605-A678-7A5DD1BD8AE5}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A1D522F2-496B-4EE3-A4F7-D56538E108DC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{A348B9D6-BC2C-46C5-A4CE-86129EB60418}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A52A33B2-82E3-4CAD-8FC2-49F66F4F4429}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{AE507DDC-A39C-49AB-B3BA-BD2019D644BE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{AEB3F098-AF1B-4C30-BEE1-96C69800D5B2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{B00533C1-5BBB-4935-A10E-CD8EE8613290}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B2BE0278-A92E-4E57-94E7-84B146EE14FE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B480E76E-EB75-4226-9D8B-B0122F5609E6}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{B788A314-89FA-4D13-A973-0C329DADA74B}" = protocol=17 | dir=in | app=d:\hry\steam\steam.exe |
"{BBD08FA3-795F-42A9-BA19-2A4A621347A5}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{BBF5430C-656C-4334-84A1-4FD1BB8BDE88}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BC9A4A47-0686-483F-930E-07C32C9B1C9B}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\garrysmod\hl2.exe |
"{BFA08FCB-F431-4BEF-AA8A-CE465F6947C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C44A8199-F25B-4534-9B18-67EB716F86B6}" = protocol=17 | dir=in | app=c:\program files (x86)\cracked steam\steam.exe |
"{C50E558D-11BB-404B-B0DB-66CEA08C4314}" = protocol=17 | dir=in | app=d:\age of empires online\spartan.exe |
"{C525A3BE-334D-442B-AA11-8190320BF2C3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C61589FC-4FB4-49DC-A66C-A1DDD11BE4C7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{CCC58415-AFF4-4DFD-9ED7-F7F82769D925}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CD79B083-8D5A-4626-A54A-65D51F1CEBCF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{CF4644AD-E2B5-4B8F-B0AA-C2E6640C46C9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{D2813EE7-7190-4302-84A4-69EDF17B66E2}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{D32AD170-C6D1-42ED-80D9-86862384CB01}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3C691D7-8E78-4800-BA36-B593CF38D7DF}" = protocol=6 | dir=in | app=c:\users\marek\appdata\local\akamai\netsession_win.exe |
"{DABA9F49-61BB-4595-BBCE-2370F5BAF587}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{DD57F728-AFE2-4F1F-935C-1CB19E870403}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{DE37397A-E7EC-4F8A-B0FE-E8DB6A9455B0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{DE58B88E-52B5-4C20-82E5-F09735C0D745}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii\diablo iii.exe |
"{E23C73DB-13B2-4EF3-A49B-99B826CEAC28}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E2BE12B1-F920-4C05-B873-D76167F6BBBC}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{E311F4CE-1F96-4BD5-89E0-C1AAF670FFE0}" = protocol=6 | dir=in | app=c:\program files (x86)\cracked steam\steamapps\tw1xi1\garrysmod\hl2.exe |
"{E3540AA8-C0D4-4A30-8F9F-5C726DB008EB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{E91FAE34-55F9-4122-B57A-380AF3A76D35}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB6AFD24-78EA-4EB3-B10F-83D59EC8A7C6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{EB9E0EF0-B031-44CC-BA7A-80145423391E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{ED552FA6-D746-42C7-B1B2-76D056DD3FF2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F15F9B44-B5C6-4E62-BDC1-BC8E0F57B88B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{F6B7A6C9-EDC6-4775-BAFD-464D90497EBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FDEE8B4B-24FB-4545-B467-18B16B500B5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{06A1F41D-C341-4857-94C9-417E6177D621}C:\users\marek\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\marek\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{0FC3F3E6-ECF7-4337-A08A-E7BCF26F162F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{17556C83-F813-46FA-AC2F-5A0A77038658}D:\hry\gmod\[psy] garrys mod 11(1.o.o.5)\[psy] garrys mod 11(1.o.o.5)\hl2.exe" = protocol=6 | dir=in | app=d:\hry\gmod\[psy] garrys mod 11(1.o.o.5)\[psy] garrys mod 11(1.o.o.5)\hl2.exe |
"TCP Query User{1C349F31-3645-4570-B45E-499CCD0D6E9F}D:\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=6 | dir=in | app=d:\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat |
"TCP Query User{1D08FA68-E621-460D-B4AD-5F4E9C17FCCB}D:\hry\modern warfare 3\call of duty modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 3\call of duty modern warfare\iw3mp.exe |
"TCP Query User{206641ED-2149-4F08-A2CE-AE56997D5E46}D:\ea sports\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=d:\ea sports\nhl 09\nhl2009.exe |
"TCP Query User{24C0635D-89C0-4798-89FC-9824511739A5}C:\program files (x86)\1clickdownload\1clickdownload.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownload.exe |
"TCP Query User{2A04EAEC-14B5-4FB6-B054-0065050A1FE1}D:\hry\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4mp.exe |
"TCP Query User{2B33B42D-5D4B-400E-9C7D-2F3478721CF0}D:\hry\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4mp.exe |
"TCP Query User{304BAF49-6A6B-4918-8906-DFB477968ED5}C:\program files (x86)\runic games\torchlight\torchlight.exe" = protocol=6 | dir=in | app=c:\program files (x86)\runic games\torchlight\torchlight.exe |
"TCP Query User{32198CC9-E0AB-4CF5-A6D2-D91071B7022F}C:\users\marek\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\marek\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{3418D6FB-466A-47ED-A81A-73EAB1198866}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{3519AF51-756E-4F3C-BB1D-B7772393B43A}D:\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=6 | dir=in | app=d:\counter-strike 1.6 v42 digitalzone\hl.exe |
"TCP Query User{430D6254-D584-4FE5-9643-3A2A99A32D7A}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe |
"TCP Query User{44F20DAC-3910-48C5-B070-B26629E9DFA7}C:\users\marek\downloads\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=6 | dir=in | app=c:\users\marek\downloads\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat |
"TCP Query User{4F6AFA2F-01E3-466B-A812-7412F58EEB64}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{516A4E38-B15F-430A-857D-B3209DA4DE49}D:\hry\modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4sp.exe |
"TCP Query User{51B421B5-6E37-4392-9A20-42AF00B03517}D:\cs 1.6\hl.exe" = protocol=6 | dir=in | app=d:\cs 1.6\hl.exe |
"TCP Query User{5477AF96-3D5B-4B3E-906F-B010BB7F97A6}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{613B0959-ED10-47DD-B094-67365B42DCBA}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{70266248-9092-454F-A45A-1E531F44F3C4}C:\users\marek\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\marek\appdata\local\akamai\netsession_win.exe |
"TCP Query User{715D96A9-C079-42AC-8D29-87295A3380F2}C:\users\marek\desktop\crack,emulator,cestina\assassins creed 2 full crack\emulator\server.exe" = protocol=6 | dir=in | app=c:\users\marek\desktop\crack,emulator,cestina\assassins creed 2 full crack\emulator\server.exe |
"TCP Query User{76B56DB0-5FBB-4508-90D0-380C8DE50DA8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{784A2FD6-A369-45F6-ABED-3C27D5E27D0D}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{7AAE6819-2C27-4517-AFD7-DBC7132F8EAF}C:\program files\java\jdk1.6.0_31\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_31\bin\java.exe |
"TCP Query User{801C1A5C-E551-401A-801C-01306216F070}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{8E911BF6-10C4-408F-A25B-A8E9055DB889}D:\hry\modern warfare 2\iw4mp.dat" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4mp.dat |
"TCP Query User{A744AC71-A558-417B-B7B5-9317E4BEF618}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{AE6EA44B-1E77-4F66-9E2C-874DC7A7F9C4}D:\hry\modern warfare 2\iw4mpold.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4mpold.exe |
"TCP Query User{B0B277BC-59E1-49D3-AD23-C7E03068671D}D:\hry\steam\steamapps\kebiz1\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\hry\steam\steamapps\kebiz1\team fortress 2\hl2.exe |
"TCP Query User{B60677FF-226D-4C81-B849-8DD97828BD2D}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{B912A671-70B4-4B36-B75A-570A23B68462}D:\nfs world\data\nfsw.exe" = protocol=6 | dir=in | app=d:\nfs world\data\nfsw.exe |
"TCP Query User{B9A55AD6-8BCC-4AA1-A70B-DFC93B1D4EBA}D:\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=d:\nhl 09\nhl2009.exe |
"TCP Query User{C8E0AF81-4E5F-456A-A178-82BE0D679806}C:\users\marek\desktop\garrymod\hl2.exe" = protocol=6 | dir=in | app=c:\users\marek\desktop\garrymod\hl2.exe |
"TCP Query User{DE1B04A2-7A27-41A7-9BD6-A3236F310BF5}D:\hry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\hry\tmnationsforever\tmforever.exe |
"TCP Query User{E12D9E30-3696-4CF4-B1E4-EAF84E5FE111}D:\hry\modern warfare 2\iw4m.exe" = protocol=6 | dir=in | app=d:\hry\modern warfare 2\iw4m.exe |
"TCP Query User{E1514045-5E32-4740-8922-FF33B2CC1CA5}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{EA5DD039-528C-4112-A5E6-BAB0FBA3C5A3}D:\autodesk\maya2008\bin\maya.exe" = protocol=6 | dir=in | app=d:\autodesk\maya2008\bin\maya.exe |
"TCP Query User{EDD9CF04-E07F-4B0A-978B-96314AAC34A3}D:\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\counter-strike 1.6\hl.exe |
"TCP Query User{F40CD71F-72A7-4E03-8E69-5BC1CCE1017A}D:\hry\cs source\counter strike source 2011\hl2.exe" = protocol=6 | dir=in | app=d:\hry\cs source\counter strike source 2011\hl2.exe |
"TCP Query User{F5B60836-34F0-45FD-A9B2-B69713F72A38}D:\diablo ii\game.exe" = protocol=6 | dir=in | app=d:\diablo ii\game.exe |
"UDP Query User{01D7A6B7-3156-4551-876D-FF0C702DF313}D:\hry\steam\steamapps\kebiz1\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\hry\steam\steamapps\kebiz1\team fortress 2\hl2.exe |
"UDP Query User{028D0E6D-8A3E-4923-820B-F1735E258493}C:\program files (x86)\1clickdownload\1clickdownload.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownload.exe |
"UDP Query User{051D141A-4D1C-410E-9761-DC2D76CF06F0}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{06A7854F-AA55-47C3-AE91-B91335B590CF}D:\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=17 | dir=in | app=d:\counter-strike 1.6 v42 digitalzone\hl.exe |
"UDP Query User{0E87232B-39B9-4AA5-9C3A-388C6CF490DA}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{2779DF80-F3DA-4D9E-AE6C-315B8FEB86C9}D:\hry\modern warfare 2\iw4mp.dat" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4mp.dat |
"UDP Query User{2BFD67D5-BA66-4271-A790-AD17C796D2C2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{35DC956B-E473-4A1A-B4A5-B31F5B19F63A}D:\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\counter-strike 1.6\hl.exe |
"UDP Query User{3B0F10F7-9ACA-40CB-926D-AC0A96B101C2}D:\hry\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4mp.exe |
"UDP Query User{3BF650BA-A353-40A4-ADB7-D35A2D4F5CAA}D:\cs 1.6\hl.exe" = protocol=17 | dir=in | app=d:\cs 1.6\hl.exe |
"UDP Query User{43A5C5E9-13A8-4414-99E4-668ABEF75061}D:\hry\modern warfare 2\iw4m.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4m.exe |
"UDP Query User{45213538-248C-461F-8B1D-824A50D7852D}C:\users\marek\desktop\garrymod\hl2.exe" = protocol=17 | dir=in | app=c:\users\marek\desktop\garrymod\hl2.exe |
"UDP Query User{47D1324D-C629-446C-B95A-0D672C6B0BAB}D:\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=17 | dir=in | app=d:\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat |
"UDP Query User{50E83EAC-703D-4E77-A48A-1F56663E75FB}C:\users\marek\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\marek\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{555D397A-8AA0-44AE-B461-65E09BF8FB04}D:\hry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\hry\tmnationsforever\tmforever.exe |
"UDP Query User{61BC10D8-87F8-4A7F-B6C8-64C6DC840ED0}D:\hry\cs source\counter strike source 2011\hl2.exe" = protocol=17 | dir=in | app=d:\hry\cs source\counter strike source 2011\hl2.exe |
"UDP Query User{61DCBE61-30E6-4DED-AAF9-F2B558E14EC0}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe |
"UDP Query User{637DCD0B-1E7C-4736-A27F-0EEB5928918D}D:\autodesk\maya2008\bin\maya.exe" = protocol=17 | dir=in | app=d:\autodesk\maya2008\bin\maya.exe |
"UDP Query User{6E50EEEB-42CC-459C-9A62-3D2DDB845C2C}D:\hry\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4mp.exe |
"UDP Query User{718A2BB0-6B98-4F8D-849B-D2D3F1DEC781}D:\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=d:\nhl 09\nhl2009.exe |
"UDP Query User{7C0C599B-29E7-4CDE-93B2-02BAFCFA5B6A}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{7C48B62D-7B70-4002-B101-0A7C6B4331AB}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{81502B03-0FD9-4BFC-8A87-7CB24E2D143F}D:\ea sports\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=d:\ea sports\nhl 09\nhl2009.exe |
"UDP Query User{8274DC76-9930-40C4-B1D9-E12AF8909D6F}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{8904B6E5-E714-4024-B5B8-2EC410B705AC}C:\users\marek\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\marek\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{91ECB5B9-6FE7-42ED-B4EB-09200621561E}D:\diablo ii\game.exe" = protocol=17 | dir=in | app=d:\diablo ii\game.exe |
"UDP Query User{9FCB0658-CECE-47FB-9D00-095AA15821D9}C:\program files (x86)\runic games\torchlight\torchlight.exe" = protocol=17 | dir=in | app=c:\program files (x86)\runic games\torchlight\torchlight.exe |
"UDP Query User{B1AFFA67-EB6C-490A-B78F-0C00FC5DA794}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{BBE7E8CA-F461-4076-A90D-1B0B36CC71F9}D:\hry\modern warfare 2\iw4mpold.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4mpold.exe |
"UDP Query User{BC6D953D-C70C-46AB-B481-7A5E67BB1FCC}C:\users\marek\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\marek\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C309C198-5047-44C9-8EB0-2811601B4D91}C:\users\marek\desktop\crack,emulator,cestina\assassins creed 2 full crack\emulator\server.exe" = protocol=17 | dir=in | app=c:\users\marek\desktop\crack,emulator,cestina\assassins creed 2 full crack\emulator\server.exe |
"UDP Query User{C34B7EDF-1C07-42A5-8C3A-A150A567868E}D:\hry\gmod\[psy] garrys mod 11(1.o.o.5)\[psy] garrys mod 11(1.o.o.5)\hl2.exe" = protocol=17 | dir=in | app=d:\hry\gmod\[psy] garrys mod 11(1.o.o.5)\[psy] garrys mod 11(1.o.o.5)\hl2.exe |
"UDP Query User{DC6EE30C-3376-40D6-8662-C22AB125251A}C:\program files\java\jdk1.6.0_31\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_31\bin\java.exe |
"UDP Query User{DF4EC3F1-4261-447C-A14F-F6BB699BD75D}D:\hry\modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 2\iw4sp.exe |
"UDP Query User{E09070A3-D44B-4874-AA5F-F0979828BC2A}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{E6F25CE7-3C71-40DE-A660-B0C83035F204}D:\hry\modern warfare 3\call of duty modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\hry\modern warfare 3\call of duty modern warfare\iw3mp.exe |
"UDP Query User{E7B08B01-B1DF-45B0-83E6-7DA08D655100}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{EAE08E4A-0A55-4E07-BB9A-40EF2D6FD858}C:\users\marek\downloads\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat" = protocol=17 | dir=in | app=c:\users\marek\downloads\modern warfare 2 - multiplayer\modern warfare 2 - multiplayer\iw4mp.dat |
"UDP Query User{F385D720-7BAE-49CF-A376-CE4D13CD97EB}D:\nfs world\data\nfsw.exe" = protocol=17 | dir=in | app=d:\nfs world\data\nfsw.exe |
"UDP Query User{F3D951BF-D6D7-4556-94B0-F85FA65B6512}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{FDDF80AE-4AAA-4846-9B0A-9079F2CEFD58}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0437C01E-70D6-489B-B504-952F59912A72}" = Windows Live Family Safety
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3690900F-85EA-447F-BAD1-5CA25AA9B627}" = HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3D42871F-4A1E-82E5-9494-3012BA3084F2}" = AMD Catalyst Install Manager
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4827A9B4-FC4C-4BA9-9EFB-10CF703E7C3A}" = Windows Live Family Safety
"{4970B06C-7708-4AAB-9341-3FD1D9B1AA34}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{65EDA937-3C7B-4009-99A1-795FD3FBECF5}" = Windows Live Family Safety
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{708DC396-5B5C-55FC-7019-BE7BB6787FB6}" = AMD Fuel
"{76BB831E-D059-449A-AFDE-2A677E45DF18}" = Windows Live Family Safety
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7A47656D-0369-4C67-D98C-DA369EC504C2}" = ccc-utility64
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A6752BB4-C571-4F3B-9A47-97405068DE0B}" = Windows Live Family Safety
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{BD864ECC-620D-4240-AB9A-B5F7340E337C}" = Windows Live Family Safety
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{C933FB4A-CFC0-4DDD-8FB1-A437B6C58B34}" = Windows Live Family Safety
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CB5FBF73-7CE7-481C-8598-8D4C34705C23}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client SK-SK Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"7341A1B43E7FE58942EB1E820A17C18305DFBCE6" = Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417)
"85CE3A3657FAE5FD305B143E90E6FC89BA53001C" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"Fix RegCleaner_is1" = Fix RegCleaner v1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Registry Easy_is1" = Registry Easy v5.6
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinRAR archiver" = WinRAR 4.10 beta 4 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03533053-A0DD-0A8F-F18B-388CF251929B}" = CCC Help Finnish
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04D38795-0B33-C6FC-47C9-D85DBAF82216}" = CCC Help Norwegian
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0A225245-3D91-7DD2-630D-4366FA9D7BCF}" = CCC Help Thai
"{0A455897-C606-4958-AD34-6DF0430D184B}" = Windows Live UX Platform Language Pack
"{0AB51E62-5AA1-5ECC-F836-F9485DD487C3}" = Catalyst Control Center Localization All
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C0F9C71-1185-7A98-DBE3-BC26CD85352E}" = CCC Help Korean
"{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}" = Guitar Hero III
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{15219EE8-4DCC-C6C5-CB04-351D4DD72ACF}" = Catalyst Control Center InstallProxy
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1ABA87DD-B839-4E53-9A8F-CC2A497C2850}" = F2200_NCL_Help
"{1BCF995D-78B8-4883-BC8E-D7A32BB463DA}" = Windows Live Messenger
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1CFBB921-4E8F-47C1-81A0-1CB94454199E}" = Windows Live UX Platform Language Pack
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205534F9-935B-4F67-6CA1-0356441E78F9}" = CCC Help Dutch
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{216E21F4-0489-4311-92D6-20D1FB950FCE}" = Sci-Fi Voice Pack
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26513CE5-7A51-478D-93BD-AC1D38103463}" = Windows Live Messenger
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{269FAF4C-8237-49A4-8440-6560FF15B4B0}" = Windows Live UX Platform Language Pack
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2719ED2A-F6F5-4CA4-B248-A48FFE75DB84}" = Windows Live UX Platform Language Pack
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2BB0BDFF-E193-42A0-90BE-2D59441E51D2}" = F2200
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C15735B-1EBA-5719-4ADD-F457205F1BA6}" = Catalyst Control Center Graphics Previews Common
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2CA51DE4-4B69-EF24-841E-32363DE7D374}" = CCC Help Japanese
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E7A3D47-285C-AA71-5F43-7AD3C45A24C1}" = CCC Help English
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FE0023B-3858-3D60-DC15-E325E7BBBCE0}" = CCC Help Greek
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C12C57B-8BD0-25E0-57C6-63DBB96AF447}" = CCC Help German
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FD1CB9F-807F-451B-926C-9D19C84CFC61}" = Messenger Suradnik
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}" = „Windows Live Messenger“
"{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5B616A3F-43D9-4F0B-9F49-D39342A98592}" = Creatures of Darkness
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5CD0CFB1-3FE9-600A-36E4-03E1523C4989}" = CCC Help Swedish
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B0A2ECE-E4C6-4BA3-AE9D-8B827F03B992}" = Windows Live UX Platform Language Pack
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{6E209506-FD15-E2CC-AF7E-D1B9C5C83DC3}" = CCC Help Chinese Standard
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F7614CC-F33A-4877-8814-49856F441F3C}" = Stardock MyColors
"{70376A8D-C6E7-4A61-9E30-42AD268CD45D}_is1" = MagicCamera 7.2.1
"{7055FA2C-45B5-D62C-0B4F-CE50D88AB082}" = 8 Ball Ruler
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = MKV player
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A3FFA58-876F-489C-B6CF-0503916224DF}" = HTC Sync
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E274911-32ED-4489-9B04-4EF100D0E4D3}" = „Messenger“ pagalbinė priemonė
"{7E5B60E2-32F4-1052-8471-708EF7965167}" = Catalyst Control Center Profiles Desktop
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{81D34549-684B-86FC-B25F-AA948D831194}" = CCC Help Russian
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{829CDAAD-5AF1-482F-978B-591C16A34ACC}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{902585EB-8FA3-43A5-AD1C-5C9821A77114}" = Messenger Pratilac
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9400B65A-43D5-9A1F-9A94-28126CB7F684}" = CCC Help Italian
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9FF1B47E-957E-DE11-6610-799DD98BAD42}" = CCC Help Czech
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AE1A891D-68BF-0BE5-A51D-7EF7187230D4}" = CCC Help French
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BC4CBCD1-4000-4F30-A642-3FA646E5CFF8}" = Windows Live UX Platform Language Pack
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C011E1C5-86F7-4EEB-B7E6-0C367CED97B2}" = Windows Live UX Platform Language Pack
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}" = Autodesk DirectConnect 2.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C222566F-1C50-4ECD-A01E-77F9C4B95458}" = DJ_AIO_03_F2200_Software_Min
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C66B45D6-0A09-0F9A-39EC-06AE4B2C1DB5}" = CCC Help Portuguese
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C82EB045-FD47-F4F9-2527-F0195DEE1637}" = CCC Help Danish
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE0EF487-4B1D-7800-2BCE-CC931A6DEE3E}" = CCC Help Spanish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4F81B27-4054-4AD6-A588-265508BAA17C}" = Messenger Companion
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D85DCD8F-2FED-306F-0BF4-9508722A1D92}" = CCC Help Chinese Traditional
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}" = Maya 2008
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}" = MorphVOX Pro
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E0744FE1-89F7-4556-9BF8-479F9A3D6C12}" = ExeScript
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E3839628-F67D-40E7-BEF9-C0FEBABABB52}" = Messengeri kaaslane
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EB0B4C36-0171-73BF-B119-11FE8E641F6E}" = ccc-core-static
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14F9EE9-9B68-42B4-90F7-0924F7619281}" = Spremljevalec Messenger
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F39B1FAE-1E05-E275-2594-C22F91D585F0}" = CCC Help Hungarian
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F67958D5-BF91-56EF-3792-363A555155B3}" = CCC Help Polish
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFF8D436-0A41-4BB0-8E9B-6256B07AF66B}" = Windows Live UX Platform Language Pack

farren · #11 Příspěvek od **farren** » 24 kvě 2012 15:29

"8BallRuler" = 8 Ball Ruler
"Adobe AIR" = Adobe AIR
"Akamai" = Akamai NetSession Interface Service
"ASUS WebStorage" = ASUS WebStorage
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"avast" = avast! Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"Brepta" = Brepta 1.2.0
"CCleaner" = CCleaner
"Cities XL 2011" = Cities XL 2011
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Counter-Strike 1.6 Non-Steam 1.0" = Counter-Strike 1.6 Non-Steam 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"DivX Setup" = DivX Setup
"EZ-DJ Plus" = EZ-DJ Plus
"FileZilla Client" = FileZilla Client 3.5.1
"Fraps" = Fraps (remove only)
"funmoods" = Funmoods on IE and Chrome
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"GOM Player" = GOM Player
"GotClip" = GotClip Downloader
"Governor of Poker" = Governor of Poker
"Guard.Mail.ru" = Guard.ICQ
"Hamachi" = Hamachi 1.0.2.5
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"HyperCam 2" = HyperCam 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"ICQToolbar" = ICQ Toolbar
"im" = Garena Plus
"ImgBurn" = ImgBurn
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mahjongg dimensions" = Mahjongg dimensions
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"Mozilla Firefox 12.0 (x86 sk)" = Mozilla Firefox 12.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"POD-Bot 2.5" = POD-Bot 2.5
"Portforward Static IP Address" = Portforward Static IP Address 1.0.47
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Radeon Omega Drivers for Windows XP/2kv4.8.442" = Radeon Omega Drivers v4.8.442 Setup Files and Tools
"RADVideo" = RAD Video Tools
"rayatitray" = Ray Adams ATI Tray Tools
"RegCure" = RegCure
"Scorpions WinCheater 2.07 (s databází 134)_is1" = Scorpions WinCheater
"Scorpions WinCheater 2.07 (pouze program)_is1" = Scorpions WinCheater
"StarCraft II" = StarCraft II
"Stardock MyColors" = Stardock MyColors
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"TeamViewer 6" = TeamViewer 6
"TES V - Skyrim CZ update 1.3.10.0" = TES V - Skyrim CZ update 1.3.10.0
"Total Video Converter 3.12_is1" = Total Video Converter 3.12 080330
"Totalcmd" = Total Commander (Remove or Repair)
"Tropico3" = Tropico 3 1.00
"Uninstall Tool_is1" = Uninstall Tool
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"WinLiveSuite" = Windows Live Essentials
"World Of Goo [SteamDePowered]" = World Of Goo [SteamDePowered]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"198759b99d126c20" = Twinstar-Launcher
"Akamai" = Akamai NetSession Interface
"Counter-Strike 1.6 v42b instalace" = Counter-Strike 1.6 v42b instalace
"GameRanger" = GameRanger
"Google Chrome" = Google Chrome
"GUNROX" = GUNROX 1.32
"Tunnelers" = Tunnelers
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#12 Příspěvek od **vyosek** » 24 kvě 2012 15:39

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2011/08/17 11:04:36 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2012/03/28 07:15:09 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = Zbani
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKLM\..\SearchScopes\zbani: "URL" = http://home.zbani.com/en/get/{searchTerms}

IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=463fa1f2000000000000bcaec5360095
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BscscnPB&keywords={searchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{A140E0BC-A996-4ED2-AAC9-25E9A7305A30}: "URL" = http://start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\SearchScopes\zbani: "URL" = http://home.zbani.com/en/get/{searchTerms}
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.4&q="
[2012/03/03 09:11:25 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012/05/06 10:32:19 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/03/26 19:44:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/02/24 13:12:34 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/02/28 19:45:18 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com
[2012/02/23 20:24:31 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com
[2012/02/23 20:23:50 | 000,001,797 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\funmoods.xml
[2012/03/26 19:44:19 | 000,000,168 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.gif
[2012/03/26 19:44:19 | 000,000,618 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.src
[2011/03/30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.xml
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods)
O3 - HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O33 - MountPoints2\{ce9b26f0-718e-11e0-a38a-74f06dc29065}\Shell - "" = AutoRun
O33 - MountPoints2\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\Shell - "" = AutoRun
[2012/03/30 17:48:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\0661d493baa9fb77c9aff2360e5dfb75_c
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2012/05/23 17:00:01 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/03/09 14:01:17 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:ECF54A0E

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"uTorrent"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle Game Profiler] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Services Host] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] /64

:files
C:\Program Files (x86)\Uniblue\SpeedUpMyPC
C:\Users\Marek\AppData\Roaming\System Services
C:\Program Files (x86)\Funmoods
C:\Program Files (x86)\ICQ6Toolbar
c:\program files (x86)\common files\akamai
C:\Program Files (x86)\BitTorrentBar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

farren · #13 Příspěvek od **farren** » 24 kvě 2012 15:52

All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe moved successfully.
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry value HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A140E0BC-A996-4ED2-AAC9-25E9A7305A30}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A140E0BC-A996-4ED2-AAC9-25E9A7305A30}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://start.icq.com/" removed from browser.startup.homepage
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.4.4&q=" removed from keyword.URL
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults\preferences folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\searchplugin folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\META-INF folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\defaults folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\chrome folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com\content\imgs folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com\content folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\ffxtlbr@funmoods.com folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Profiles\lwkxe4wn.default\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\funmoods.xml moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\lwkxe4wn.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Registry value HKEY_USERS\S-1-5-21-3307936248-1867917762-2968108582-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
File C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/octet-stream\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-complus\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\application/x-msdownload\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:systempropertiesperformance.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:userinit.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:systempropertiesperformance.exe deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:credssp.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce9b26f0-718e-11e0-a38a-74f06dc29065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce9b26f0-718e-11e0-a38a-74f06dc29065}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de2df4c8-c7b0-11e0-b213-74f06dc29065}\ not found.
C:\ProgramData\0661d493baa9fb77c9aff2360e5dfb75_c moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP35D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP79F2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4386.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP583E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP77FD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA332.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDBDF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE542.tmp folder deleted successfully.
C:\Windows\Installer\MSI8F51.tmp deleted successfully.
C:\Windows\Installer\MSI99CB.tmp deleted successfully.
C:\Windows\System32\sho8057.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico934B.tmp deleted successfully.
C:\Windows\Tasks\RegCure Program Check.job moved successfully.
C:\Windows\Tasks\RegCure.job moved successfully.
ADS C:\Windows\SysWow64\zlib.dll:SummaryInformation deleted successfully.
ADS C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation deleted successfully.
Unable to delete ADS C:\Windows\System32\zlib.dll:SummaryInformation .
Unable to delete ADS C:\Windows\System32\zlib.dll:DocumentSummaryInformation .
ADS C:\ProgramData\Temp:ECF54A0E deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle Game Profiler\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\System Services Host\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Uniblue\SpeedUpMyPC not found.
File\Folder C:\Users\Marek\AppData\Roaming\System Services not found.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh folder moved successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16 folder moved successfully.
C:\Program Files (x86)\Funmoods\funmoods folder moved successfully.
C:\Program Files (x86)\Funmoods folder moved successfully.
C:\Program Files (x86)\ICQ6Toolbar folder moved successfully.
c:\program files (x86)\common files\Akamai\Logs\dump folder moved successfully.
c:\program files (x86)\common files\Akamai\Logs folder moved successfully.
c:\program files (x86)\common files\Akamai\Cache folder moved successfully.
c:\program files (x86)\common files\Akamai folder moved successfully.
C:\Program Files (x86)\BitTorrentBar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Marek
->Temp folder emptied: 35700062 bytes
->Temporary Internet Files folder emptied: 2324729 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 22676161 bytes
->Google Chrome cache emptied: 351742573 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 66154 bytes

User: Marek PC
->Temp folder emptied: 24744418 bytes
->Temporary Internet Files folder emptied: 1628219 bytes
->Opera cache emptied: 2841500 bytes

User: Public

%systemdrive% .tmp files removed: 285486 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8487535 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67870 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 430,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Marek
->Flash cache emptied: 0 bytes

User: Marek PC

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.43.1 log created on 05242012_164335

Files\Folders moved on Reboot...
C:\Users\Marek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#14 Příspěvek od **vyosek** » 24 kvě 2012 16:00

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Napiste co PC

farren · #15 Příspěvek od **farren** » 24 kvě 2012 16:36

Ďakujem notebook už ide tak ako predtým
Prajem pekný zvyšok dňa

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu