) log.txt :Logfile of random's system information tool 1.09 (written by random/random)
Run by beowafle at 2012-08-14 20:50:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 4 GB (3%) free of 119 GB
Total RAM: 4095 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:14, on 14.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\Internet Download Manager\IDMan.exe
C:\Users\beowafle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\syswow64\explorer.exe
D:\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\PROGRA~2\THEKMP~1\KMPlayer.exe
D:\uTorrent\uTorrent.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlExHlper.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\beowafle.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Codecv - {A3D5DB9F-C4CC-4272-B002-D67C34CA3842} - C:\ProgramData\Codecv\bhoclass.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [b63b966] C:\Users\beowafle\AppData\Roaming\b63b966\b63b966.exe
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\beowafle\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\beowafle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [123456] C:\Users\beowafle\Documents\DCSCMIN\IMDCSC.exe
O4 - HKCU\..\Run: [b63b966] C:\Users\beowafle\AppData\Roaming\b63b966\b63b966.exe
O4 - HKCU\..\Policies\Explorer\Run: [VisualSubSync] C:\Users\beowafle\AppData\Roaming\1FB2DB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://D:\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Download all links with IDM - D:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download With Album Copier - C:\Program Files (x86)\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Poidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Poidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @D:\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://D:\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @D:\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://D:\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: (no name) - {208413D2-71EE-4052-9C8B-A4F8C6278E64} - C:\Program Files (x86)\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm (HKCU)
O9 - Extra 'Tools' menuitem: Download With Album Copier - {208413D2-71EE-4052-9C8B-A4F8C6278E64} - C:\Program Files (x86)\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: BBUpdate - Unknown owner - (no file)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 16124 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-499218570-5369099861036479373996495217-4978515541500408326-322878987-84016839
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"taskhost.exe"
taskeng.exe {ADFD4C95-CD59-4210-9730-F26007189ABF}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
ATKOSD.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
KBFiltr.exe
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2408
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"D:\Internet Download Manager\IDMan.exe" /onboot
"C:\Windows\System32\StikyNot.exe"
"C:\Users\beowafle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe" /silent
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Windows\syswow64\explorer.exe"
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 8916EB65-3C32-31A1-F806-C6BDAB10E6DE -Reinvoke
"D:\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe"
C:\PROGRA~2\THEKMP~1\KMPlayer.exe -Embedding
"D:\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlExHlper.exe"
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="2788.0.563458382\1554323704" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="2788.1.973671073\1346315969" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="2788.2.2003070019\1354549074" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="2788.3.1127435265\729538040" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\beowafle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.11_0\nplastpass.dll" --lang=cs --channel="2788.4.1938636389\1958680001" /prefetch:4
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.5.1306868977\113196978" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.6.68763454\1147897184" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.7.1453722307\1017419330" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.8.1338200287\1634140697" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.9.2004779268\2072603156" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.10.1345468030\979530658" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.12.100390437\2003488274" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.13.1141586360\619525797" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.14.1028898159\846658329" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2788.15.222721122\889322817" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.16.469662667\493296289" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.17.1161089876\967292939" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.18.141226805\927579010" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.19.2122967591\1663069892" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.20.1075497136\629273935" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2788.21.2067745883\1921374937" --gpu-vendor-id=0x10de --gpu-device-id=0x0649 --gpu-driver-version=8.17.13.142 --ignored=" --type=renderer " /prefetch:12
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.22.335199629\1242057942" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.23.1870260622\198045062" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.24.1674728688\1732665415" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.25.332743034\34655078" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.26.1792693918\655403148" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.27.348525887\9819468" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.30.2087432766\603381488" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.31.355424505\1985847149" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.37.283648576\406181011" /prefetch:3
"C:\Users\beowafle\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/DisallowInline/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/9/Prerender/ContentPrefetchPrerender1/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwndMin16/SpdyImpact/spdy3/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="2788.38.2140432478\1277208940" /prefetch:3
"D:\DATA\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3904428574-343483561-3331389905-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3904428574-343483561-3331389905-1000UA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\beowafle\AppData\Roaming\Mozilla\Firefox\Profiles\zqn5ytir.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "battlefieldheroespatcher@ea.com:5.0.31.0, fastdial@telega.phpnet.us:3.4, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, amin.eft_bmnotes@gmail.com:2.5B, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, DTToolbar@toolbarnet.com:1.1.7.0190, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, engine@conduit.com:3.3.3.2, mozilla_cc@internetdownloadmanager.com:5.7, {07b2a769-ed19-4483-87ce-c643914c9626}:1.6, {2458abc0-f443-11dd-87af-0800200c9a66}:3.6.3.1.03.04.10, {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16, {d122ad80-ff45-11dd-87af-0800200c9a66}:3.6.29.01.10, nasanightlaunch@example.com:0.6.20110329release"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=C:\Windows\SysWOW64\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\beowafle\AppData\Roaming\Mozilla\Firefox\Profiles\zqn5ytir.default\extensions\
battlefieldplay4free@ea.com
mozilla_cc@internetdownloadmanager.com
support@lastpass.com
C:\Users\beowafle\AppData\Roaming\Mozilla\Firefox\Profiles\zqn5ytir.default\searchplugins\
askcom.xml
daemon-search.xml
filetubecom.xml
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.xml
pixmac-search.xml
qipsearch.xml
sfd.xml
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - D:\Internet Download Manager\IDMIECC64.dll [2012-07-11 381832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-16 545192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-16 193456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - D:\Internet Download Manager\IDMIECC.dll [2012-07-11 226776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-06-06 329504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3D5DB9F-C4CC-4272-B002-D67C34CA3842}]
Codecv Class - C:\ProgramData\Codecv\bhoclass.dll [2012-04-11 140800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-06-06 59168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-02-19 1337648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-06-22 2786512]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-06-22 3669712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=D:\Internet Download Manager\IDMan.exe [2012-07-27 3515840]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Google Update"=C:\Users\beowafle\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
"Spotify Web Helper"=C:\Users\beowafle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2012-07-27 1193176]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
"123456"=C:\Users\beowafle\Documents\DCSCMIN\IMDCSC.exe []
"b63b966"=C:\Users\beowafle\AppData\Roaming\b63b966\b63b966.exe [2012-08-13 172032]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"VisualSubSync"=C:\Users\beowafle\AppData\Roaming\1FB2DB.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-11-30 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
c:\program files (x86)\asus\atk media\dmedia.exe [2009-08-20 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atkosd2\atkosd2.exe [2009-08-17 6859392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
c:\program files\microsoft office\office14\bcssync.exe [2010-03-13 112512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2012-02-25 3941192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
c:\program files (x86)\asus\atk hotkey\hcontroluser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
d:\itunes\ituneshelper.exe [2012-03-27 421736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
c:\windows\system32\stikynot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-11 8114720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe [2012-02-16 114992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe [2012-02-26 295728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^beowafle^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
D:\Evernote\EVERNO~2.EXE [2012-06-13 1014112]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Driver Genius"= []
"b63b966"=C:\Users\beowafle\AppData\Roaming\b63b966\b63b966.exe [2012-08-13 172032]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-08-14 20:50:59 ----D---- C:\Program Files\trend micro
2012-08-14 20:50:57 ----D---- C:\rsit
2012-08-14 20:22:22 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-08-14 20:22:21 ----D---- C:\Users\beowafle\AppData\Roaming\Spyware Terminator
2012-08-14 20:22:21 ----D---- C:\ProgramData\Spyware Terminator
2012-08-14 20:20:36 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-08-13 16:53:59 ----SHD---- C:\Users\beowafle\AppData\Roaming\b63b966
2012-08-13 16:53:52 ----A---- C:\Users\beowafle\AppData\Roaming\1FB2DB.dat
2012-08-12 22:44:36 ----D---- C:\Users\beowafle\AppData\Roaming\dclogs
2012-08-12 14:59:26 ----A---- C:\Windows\The Witcher Patch Log.txt
2012-08-12 14:17:06 ----D---- C:\Program Files (x86)\Zaklínač
2012-08-12 13:59:34 ----D---- C:\TWEE_Upgrade
2012-08-11 16:38:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-08-11 16:38:16 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-08-09 18:16:19 ----D---- C:\Windows\Minidump
2012-08-08 23:33:14 ----D---- C:\Flashtool
2012-08-08 23:16:32 ----D---- C:\Program Files (x86)\Sony Media Go Install
2012-08-08 23:03:44 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2012-08-08 23:03:44 ----A---- C:\Windows\system32\drivers\ggflt.sys
2012-08-08 22:53:43 ----D---- C:\ProgramData\Sony Corporation
2012-08-08 21:45:31 ----D---- C:\Users\beowafle\AppData\Roaming\MyPhoneExplorer
2012-08-08 21:45:07 ----D---- C:\Program Files (x86)\MyPhoneExplorer
2012-08-07 23:07:00 ----D---- C:\Program Files (x86)\Alcohol Soft
2012-08-07 22:03:37 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-08-07 22:03:31 ----D---- C:\Users\beowafle\AppData\Roaming\DAEMON Tools Pro
2012-08-07 22:03:23 ----D---- C:\Program Files (x86)\DAEMON Tools Pro
2012-08-07 22:00:36 ----D---- C:\ProgramData\DAEMON Tools Pro
2012-08-07 21:39:00 ----A---- C:\Windows\system32\drivers\atksgt.sys
2012-08-07 21:38:59 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2012-08-07 15:45:57 ----D---- C:\Program Files (x86)\Rovio
2012-08-07 15:01:37 ----D---- C:\Program Files (x86)\iMGSRC.RU Photo Uploader
2012-08-06 22:33:58 ----D---- C:\ProgramData\PMB Files
2012-08-06 22:33:51 ----D---- C:\Program Files (x86)\Pando Networks
2012-08-06 22:33:29 ----D---- C:\Program Files (x86)\GamersFirst
2012-08-06 21:01:03 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2012-08-06 20:48:22 ----D---- C:\Users\beowafle\AppData\Roaming\n-Track Software Data
2012-08-06 20:48:22 ----D---- C:\Users\beowafle\AppData\Roaming\n-Track Drums
2012-08-06 20:48:06 ----D---- C:\Users\beowafle\AppData\Roaming\n-Track Studio 7
2012-08-06 20:47:21 ----D---- C:\Program Files (x86)\n-Track
2012-08-06 20:23:55 ----D---- C:\Program Files (x86)\VirtualDJ
2012-08-05 21:34:15 ----D---- C:\Program Files (x86)\HighGrow
2012-08-05 00:43:35 ----D---- C:\ProgramData\boost_interprocess
2012-08-04 23:40:00 ----D---- C:\Users\beowafle\AppData\Roaming\Nemex
2012-08-04 23:39:54 ----D---- C:\Program Files (x86)\Nemex
2012-08-04 23:23:21 ----D---- C:\Program Files (x86)\Mp3tag
2012-07-27 10:09:23 ----D---- C:\Users\beowafle\AppData\Roaming\Spotify
2012-07-26 20:42:38 ----D---- C:\Program Files (x86)\VisualSubSync
2012-07-26 18:29:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-07-26 18:28:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-07-25 22:07:47 ----D---- C:\ProgramData\JAGUAR
2012-07-25 20:39:45 ----D---- C:\Users\beowafle\AppData\Roaming\My Games
2012-07-25 15:20:40 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2012-07-22 23:27:30 ----D---- C:\Users\beowafle\AppData\Roaming\OnLive App
2012-07-22 23:27:22 ----D---- C:\Program Files (x86)\OnLive
2012-07-22 14:43:53 ----D---- C:\Program Files (x86)\URUSoft
2012-07-17 17:25:49 ----D---- C:\Program Files (x86)\TimeAdjuster
2012-07-17 16:39:25 ----D---- C:\Users\beowafle\AppData\Roaming\PotPlayerMini
2012-07-17 16:38:59 ----D---- C:\Program Files (x86)\Daum
2012-07-17 16:36:50 ----D---- C:\Program Files (x86)\The KMPlayer
2012-07-17 16:19:13 ----D---- C:\Users\beowafle\AppData\Roaming\Media Player Classic
2012-07-17 16:18:57 ----A---- C:\Windows\system32\unrar64.dll
2012-07-17 16:18:55 ----D---- C:\Program Files\MPC-HC
2012-07-17 16:05:50 ----D---- C:\Users\beowafle\AppData\Roaming\vlc
2012-07-15 20:02:50 ----RHD---- C:\Users\beowafle\AppData\Roaming\SecuROM
2012-07-15 19:54:55 ----D---- C:\ProgramData\EA Core
Stahnete RKill 
Přispějete na provoz fóra?
