Opět zpomalený internet :(

[DalrondX]

No tak po 2 dnech mam zase zpomalený internet. Akorát, že tentokrát je odesýlaných bajtů víc než těch přijatých. Přidávám log z Rsit. Kdyby se mi na to někdo mrknul, bylo by to super

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ondrej at 2012-10-17 22:35:42
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 217 GB (46%) free of 477 GB
Total RAM: 4094 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:55, on 17.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Clownfish\Clownfish.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files\trend micro\Ondrej.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-21-818844184-144965152-1167717117-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-818844184-144965152-1167717117-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: LOLRecorder.lnk = C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8C720E5-138E-4046-9CC3-4C3C7D0F137B}: NameServer = 212.158.128.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11472 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
taskeng.exe {28A7EAA7-F22E-426B-B750-81FAACBBB5B3}
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Clownfish\Clownfish.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\LOLReplay\LOLRecorder.exe" -minimize
"C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe" -Customer=ACR -startup_folder -DT_Startup
"C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2268.fa2f500.943019648 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2268 "\\.\pipe\gecko-crash-server-pipe.2268" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --proxy-stub-channel=Flash2212.58FA3A90.41 --host-broker-channel=Flash2212.58FA3A90.18467 --host-pid=2212 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe" --channel=4064.001DF618.887697091 --proxy-stub-channel=Flash2212.58FA3A90.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Ondrej\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnI=I%27m ... e=UTF-8&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-04 157672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Clownfish"=C:\Program Files (x86)\Clownfish\Clownfish.exe [2012-09-27 1122040]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-03-17 3373456]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-03-17 19872]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2011-03-17 896912]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2011-09-25 1242448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PivotSoftware"=C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [2009-03-03 694824]
"DT ACR"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2010-04-30 96880]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
LOLRecorder.lnk - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-05-29 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousUserGroupPolicy"=0
"SynchronousMachineGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe"="C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe:*:Enabled:Windows Messanger"
"C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe"="C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-10-17 22:35:42 ----D---- C:\rsit
2012-10-14 21:45:05 ----D---- C:\Program Files\trend micro
2012-10-14 21:25:21 ----SHD---- C:\$RECYCLE.BIN
2012-10-14 20:47:21 ----A---- C:\AdwCleaner[S2].txt
2012-10-14 20:46:10 ----A---- C:\AdwCleaner[R2].txt
2012-10-14 20:41:27 ----A---- C:\AdwCleaner[R1].txt
2012-10-14 17:12:07 ----D---- C:\Program Files\CCleaner
2012-10-14 16:55:04 ----D---- C:\Program Files (x86)\trend micro
2012-10-14 15:56:47 ----D---- C:\Users\Ondrej\AppData\Roaming\Malwarebytes
2012-10-14 15:28:59 ----D---- C:\Windows\erdnt
2012-10-12 21:30:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2012-10-12 21:30:23 ----A---- C:\Windows\system32\kerberos.dll
2012-10-12 21:30:05 ----A---- C:\Windows\system32\crypt32.dll
2012-10-12 21:30:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-10-12 21:30:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-10-12 21:30:04 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-10-12 21:30:04 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-12 21:30:04 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-12 21:29:27 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-10-12 21:29:27 ----A---- C:\Windows\system32\tzres.dll
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\user.exe
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-10-12 21:28:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-10-12 21:28:34 ----A---- C:\Windows\system32\wow64win.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\wow64cpu.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\wow64.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\winsrv.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\ntvdm64.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\kernel32.dll
2012-10-12 21:28:34 ----A---- C:\Windows\system32\conhost.exe
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-12 21:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-12 21:28:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-12 21:28:26 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-12 21:27:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-10-12 21:27:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-10-12 21:27:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-12 21:27:07 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-10-12 21:27:07 ----A---- C:\Windows\system32\wintrust.dll
2012-10-12 21:26:58 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-12 20:05:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-09 17:34:28 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-10-09 17:34:28 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\nvopencl.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\nvhdap64.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\nvcuvid.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\nvcuda.dll
2012-10-09 17:34:28 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2012-10-09 17:34:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2012-10-09 17:34:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-10-09 17:34:27 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-10-09 17:34:27 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-10-09 17:34:27 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-10-09 17:34:27 ----A---- C:\Windows\system32\nvoglv64.dll
2012-10-09 17:34:27 ----A---- C:\Windows\system32\nvinitx.dll
2012-10-09 17:34:27 ----A---- C:\Windows\system32\nvdispgenco64.dll
2012-10-09 17:34:27 ----A---- C:\Windows\system32\nvcompiler.dll
2012-10-09 17:34:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-10-09 17:34:26 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2012-10-09 17:09:33 ----D---- C:\Program Files\Common Files\Macrovision Shared
2012-10-09 17:08:36 ----D---- C:\Users\Ondrej\AppData\Roaming\Autodesk
2012-10-09 17:08:36 ----D---- C:\ProgramData\Autodesk
2012-10-09 17:08:36 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-10-09 17:08:36 ----D---- C:\Program Files\AutoCAD 2010
2012-10-07 14:06:43 ----D---- C:\Program Files (x86)\LOLReplay
2012-10-05 13:42:42 ----D---- C:\$WINDOWS.~BT
2012-10-03 20:54:06 ----D---- C:\Program Files (x86)\2K Games
2012-10-02 22:09:10 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2012-10-02 22:08:50 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2012-10-02 22:08:38 ----D---- C:\Program Files\Oracle
2012-10-02 20:04:14 ----D---- C:\Users\Ondrej\AppData\Roaming\SpeedyPC Software
2012-10-02 20:04:14 ----D---- C:\Users\Ondrej\AppData\Roaming\DriverCure
2012-10-02 19:11:37 ----D---- C:\Users\Ondrej\AppData\Roaming\Anvisoft
2012-10-02 19:10:49 ----D---- C:\ProgramData\Anvisoft
2012-10-02 19:10:47 ----D---- C:\Program Files (x86)\Anvisoft
2012-10-02 18:17:01 ----D---- C:\Program Files\Enigma Software Group
2012-10-02 17:12:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-10-02 17:12:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-10-02 17:12:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-10-02 17:12:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-10-02 17:12:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-10-02 17:12:33 ----A---- C:\Windows\system32\mshtmled.dll
2012-10-02 17:12:33 ----A---- C:\Windows\system32\mshtml.dll
2012-10-02 17:12:33 ----A---- C:\Windows\system32\msfeeds.dll
2012-10-02 17:12:33 ----A---- C:\Windows\system32\ieui.dll
2012-10-02 17:12:33 ----A---- C:\Windows\system32\ieframe.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-10-02 17:12:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-10-02 17:12:32 ----A---- C:\Windows\system32\wininet.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\vbscript.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\urlmon.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\jsproxy.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\jscript9.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\jscript.dll
2012-10-02 17:12:32 ----A---- C:\Windows\system32\ieUnatt.exe
2012-10-02 17:12:31 ----A---- C:\Windows\SYSWOW64\url.dll
2012-10-02 17:12:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-10-02 17:12:31 ----A---- C:\Windows\system32\url.dll
2012-10-02 17:12:31 ----A---- C:\Windows\system32\iertutil.dll
2012-10-02 17:11:45 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-10-02 17:11:23 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-10-02 17:11:23 ----A---- C:\Windows\system32\d3d10level9.dll
2012-10-02 17:10:46 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-10-02 17:10:46 ----A---- C:\Windows\system32\drivers\netio.sys
2012-10-02 17:10:46 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-10-02 17:10:28 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-10-02 17:10:28 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-10-02 17:10:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2012-10-02 17:10:08 ----A---- C:\Windows\system32\win32spl.dll
2012-10-02 17:10:08 ----A---- C:\Windows\system32\spoolsv.exe
2012-10-02 17:10:08 ----A---- C:\Windows\splwow64.exe
2012-10-02 17:09:50 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2012-10-02 17:09:50 ----A---- C:\Windows\SYSWOW64\browcli.dll
2012-10-02 17:09:50 ----A---- C:\Windows\system32\netapi32.dll
2012-10-02 17:09:50 ----A---- C:\Windows\system32\browser.dll
2012-10-02 17:09:50 ----A---- C:\Windows\system32\browcli.dll
2012-10-02 17:09:02 ----A---- C:\Windows\SYSWOW64\srclient.dll
2012-10-02 17:09:02 ----A---- C:\Windows\system32\srcore.dll
2012-10-02 17:08:48 ----A---- C:\Windows\system32\localspl.dll
2012-10-02 17:08:33 ----A---- C:\Windows\system32\win32k.sys
2012-10-02 17:08:18 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-10-02 17:08:18 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-10-02 17:08:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-10-02 17:08:18 ----A---- C:\Windows\system32\msxml6.dll
2012-10-02 17:08:18 ----A---- C:\Windows\system32\msxml3r.dll
2012-10-02 17:08:18 ----A---- C:\Windows\system32\msxml3.dll
2012-10-02 17:07:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-10-02 17:07:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-10-02 17:07:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-10-02 17:07:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-10-02 17:07:07 ----A---- C:\Windows\system32\schannel.dll
2012-10-02 17:07:07 ----A---- C:\Windows\system32\ncrypt.dll
2012-10-02 17:07:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-10-02 17:07:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-10-02 17:07:07 ----A---- C:\Windows\system32\drivers\cng.sys
2012-10-02 17:06:46 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-10-02 17:06:46 ----A---- C:\Windows\system32\shell32.dll
2012-10-02 17:06:26 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-10-02 17:06:26 ----A---- C:\Windows\system32\cdosys.dll
2012-10-02 17:05:54 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-10-02 17:05:54 ----A---- C:\Windows\system32\rdpwsx.dll
2012-10-02 17:05:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-10-02 17:05:47 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-10-02 17:05:47 ----A---- C:\Windows\system32\qdvd.dll
2012-10-02 17:05:39 ----A---- C:\Windows\system32\rdpcorets.dll
2012-10-02 17:05:39 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-10-02 17:01:52 ----A---- C:\Windows\system32\profsvc.dll
2012-10-02 17:01:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-10-02 17:01:44 ----A---- C:\Windows\system32\msi.dll
2012-10-02 16:48:11 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2012-10-02 16:36:36 ----D---- C:\ProgramData\IObit
2012-10-02 16:33:55 ----D---- C:\Users\Ondrej\AppData\Roaming\IObit
2012-10-02 16:33:54 ----D---- C:\Program Files (x86)\IObit
2012-10-02 16:33:30 ----D---- C:\Program Files\IObit
2012-09-29 12:55:44 ----D---- C:\ProgramData\ESET
2012-09-29 12:55:44 ----D---- C:\Program Files\ESET
2012-09-26 18:47:31 ----D---- C:\Windows\SYSWOW64\C2MP
2012-09-24 20:36:32 ----D---- C:\Users\Ondrej\AppData\Roaming\Soldat
2012-09-24 20:05:53 ----D---- C:\Program Files (x86)\Payday The Heist
2012-09-24 19:40:39 ----D---- C:\Program Files (x86)\Steam
2012-09-24 17:48:24 ----D---- C:\Program Files (x86)\Tunngle
2012-09-18 20:59:10 ----D---- C:\Program Files (x86)\Left 4 Dead 2

======List of files/folders modified in the last 1 month======

2012-10-17 22:35:47 ----D---- C:\Windows\Temp
2012-10-17 22:31:16 ----D---- C:\Users\Ondrej\AppData\Roaming\Skype
2012-10-17 21:12:21 ----D---- C:\Windows\System32
2012-10-17 21:12:21 ----D---- C:\Windows\inf
2012-10-17 21:12:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-17 21:09:49 ----D---- C:\Users\Ondrej\AppData\Roaming\BitComet
2012-10-17 19:24:43 ----D---- C:\ProgramData\TrackMania
2012-10-17 18:14:22 ----SD---- C:\Users\Ondrej\AppData\Roaming\Microsoft
2012-10-17 14:40:29 ----D---- C:\Windows\system32\config
2012-10-17 14:27:29 ----D---- C:\ProgramData\NVIDIA
2012-10-15 15:52:14 ----D---- C:\Windows\system32\drivers
2012-10-14 23:02:25 ----D---- C:\Windows
2012-10-14 22:14:00 ----D---- C:\Windows\Tasks
2012-10-14 21:45:05 ----RD---- C:\Program Files
2012-10-14 21:02:59 ----A---- C:\Windows\system.ini
2012-10-14 21:02:49 ----D---- C:\Windows\system32\drivers\etc
2012-10-14 20:59:30 ----D---- C:\Windows\SYSWOW64\drivers
2012-10-14 20:59:30 ----D---- C:\Windows\SysWOW64
2012-10-14 20:59:30 ----D---- C:\Windows\AppPatch
2012-10-14 20:59:30 ----D---- C:\Program Files (x86)\Common Files
2012-10-14 17:45:21 ----D---- C:\ProgramData
2012-10-14 17:29:16 ----RD---- C:\Program Files (x86)
2012-10-14 17:21:44 ----D---- C:\Windows\system32\catroot2
2012-10-14 17:14:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-10-14 17:14:17 ----D---- C:\Users\Ondrej\AppData\Roaming\TS3Client
2012-10-14 17:13:56 ----D---- C:\Windows\Logs
2012-10-14 17:13:56 ----D---- C:\Windows\debug
2012-10-14 17:12:09 ----D---- C:\Windows\system32\Tasks
2012-10-14 15:30:23 ----SHD---- C:\System Volume Information
2012-10-14 14:36:23 ----D---- C:\Windows\system32\NDF
2012-10-14 12:03:21 ----D---- C:\Program Files (x86)\SpeedFan
2012-10-13 08:28:05 ----D---- C:\Windows\winsxs
2012-10-12 22:20:46 ----D---- C:\Windows\SYSWOW64\es-ES
2012-10-12 22:20:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-10-12 22:20:46 ----D---- C:\Windows\system32\es-ES
2012-10-12 22:20:46 ----D---- C:\Windows\system32\cs-CZ
2012-10-12 21:30:22 ----D---- C:\Windows\system32\catroot
2012-10-12 21:23:24 ----D---- C:\Users\Ondrej\AppData\Roaming\DAEMON Tools Lite
2012-10-12 20:31:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-12 16:17:08 ----D---- C:\Downloads
2012-10-12 14:58:57 ----D---- C:\Users\Ondrej\AppData\Roaming\GarenaPlus
2012-10-12 14:58:56 ----D---- C:\ProgramData\GarenaMessenger
2012-10-09 19:59:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-10-09 17:38:00 ----SHD---- C:\Windows\Installer
2012-10-09 17:37:57 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-10-09 17:37:12 ----D---- C:\Windows\system32\DriverStore
2012-10-09 17:35:53 ----D---- C:\Temp
2012-10-09 17:35:16 ----D---- C:\Program Files\NVIDIA Corporation
2012-10-09 17:11:16 ----RSD---- C:\Windows\assembly
2012-10-09 17:11:16 ----D---- C:\Windows\Microsoft.NET
2012-10-09 17:10:56 ----D---- C:\Windows\Downloaded Program Files
2012-10-09 17:10:44 ----D---- C:\Windows\Help
2012-10-09 17:09:33 ----D---- C:\Program Files\Common Files
2012-10-09 17:09:11 ----RSD---- C:\Windows\Fonts
2012-10-04 15:16:32 ----D---- C:\Windows\rescache
2012-10-03 21:04:44 ----D---- C:\ProgramData\Tunngle
2012-10-03 20:51:05 ----D---- C:\Users\Ondrej\AppData\Roaming\NVIDIA
2012-10-03 18:42:32 ----D---- C:\Users\Ondrej\AppData\Roaming\Tunngle
2012-10-02 22:09:10 ----DC---- C:\Windows\system32\DRVSTORE
2012-10-02 20:19:49 ----D---- C:\Windows\SYSWOW64\migration
2012-10-02 20:19:49 ----D---- C:\Windows\system32\migration
2012-10-02 20:19:49 ----D---- C:\Program Files\Internet Explorer
2012-10-02 20:19:49 ----D---- C:\Program Files (x86)\Internet Explorer
2012-10-02 19:40:49 ----D---- C:\ProgramData\Adobe
2012-10-02 19:37:03 ----D---- C:\Users\Ondrej\AppData\Roaming\DeepBurner
2012-10-02 19:36:49 ----D---- C:\Windows\Panther
2012-10-02 18:45:23 ----D---- C:\Windows\system32\appmgmt
2012-09-29 12:47:43 ----D---- C:\Windows\Prefetch
2012-09-28 21:49:37 ----D---- C:\Program Files (x86)\TERA
2012-09-28 07:44:18 ----D---- C:\Windows\LiveKernelReports
2012-09-28 00:18:28 ----A---- C:\Windows\system32\MRT.exe
2012-09-24 21:05:25 ----D---- C:\Users\Ondrej\AppData\Roaming\Hamachi
2012-09-19 16:42:02 ----D---- C:\Program Files (x86)\Garena Plus
2012-09-18 21:13:40 ----D---- C:\Windows\SYSWOW64\directx
2012-09-18 07:37:19 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-05-29 560184]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-09-13 237400]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-09-13 119640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-16 283200]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-10-17 25640]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-08-05 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\system32\DRIVERS\PdiPorts.sys [2009-12-17 20592]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-09-13 131416]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-09-13 146264]
S1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2010-01-15 158736]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2010-01-15 48144]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 ATICDSDr;ATICDSDr; \??\C:\Users\Ondrej\AppData\Local\Temp\ATICDSDr.sys []
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-05-29 25640]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-05-30 30528]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-11 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-11 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-11 33792]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-09-13 105816]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [2010-04-30 121456]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-12-17 109168]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-12 76888]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-11 136176]
S2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-09 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-11 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-29 1255736]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Márty84]

Zdravim

Jak je to s legalitou systemu? Ultiamte neni zrovna bezna domaci verze



Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[DalrondX]

Při tom vyhledávání mi to vyhodilo chybovou hlášku, že se nemohlo vytvořit na ploše cmd.bat a pak se to sekne pri skanování registru :/ nevíte proč?

[Márty84]

Asi jste prehledl mou otazku

Jak je to s legalitou systemu? Ultiamte neni zrovna bezna domaci verze

Tuhle chybu obcas OTL vyhodi. Zkuste OTL spustit znovu, tentokrat s timto upravenym skriptem.

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[DalrondX]

No tak s legalitou OS to mam asi jako 80% populace vlastniku OS v ČR...

[DalrondX]

Posílám log z OTL.txt část 1.

OTL logfile created on: 18.10.2012 19:23:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondrej\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 35,89% Memory free
7,99 Gb Paging File | 4,11 Gb Available in Paging File | 51,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 215,62 Gb Free Space | 46,30% Space Free | Partition Type: NTFS

Computer Name: ONDREJ-PC | User Name: Ondrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.18 16:54:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondrej\Desktop\OTL.exe
PRC - [2012.10.18 08:09:11 | 009,463,144 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.193\deploy\League of Legends.exe
PRC - [2012.10.12 20:09:12 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.10.09 19:59:52 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.09.27 16:18:36 | 001,122,040 | ---- | M] (Bogdan Sharkov) -- C:\Program Files (x86)\Clownfish\Clownfish.exe
PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.08.23 12:34:16 | 000,522,752 | ---- | M] (LOL Replay) -- C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.12 19:59:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.24 10:10:29 | 002,686,976 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.97\deploy\LoLLauncher.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.12.21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.10.29 14:40:57 | 001,294,336 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2011.09.25 13:31:09 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.03.17 23:07:16 | 003,373,456 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.03.17 23:07:14 | 000,896,912 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2011.03.17 23:07:00 | 000,019,872 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.09.08 09:09:02 | 000,144,384 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Ondrej\Desktop\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.217\deploy\LolClient.exe
PRC - [2010.04.30 16:19:36 | 000,121,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010.04.30 16:19:34 | 001,227,376 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Acer Display\eDisplay Management\dthtml.exe
PRC - [2009.12.17 19:07:24 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.03.03 11:42:16 | 000,694,824 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
PRC - [2009.03.03 11:42:12 | 000,694,824 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.18 08:09:12 | 000,933,888 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.193\deploy\rads.dll
MOD - [2012.10.18 08:09:11 | 009,463,144 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.193\deploy\League of Legends.exe
MOD - [2012.10.14 22:16:07 | 000,055,816 | ---- | M] () -- C:\Users\Ondrej\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll
MOD - [2012.10.12 20:09:10 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.10.09 19:59:51 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.10.02 20:26:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.10.02 17:05:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012.10.02 17:05:00 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.10.02 17:04:58 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012.10.02 17:04:49 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.10.02 17:00:38 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.resources.dll
MOD - [2012.10.02 17:00:10 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.10.02 16:59:59 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.10.02 16:59:52 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.10.02 16:59:50 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012.08.23 12:34:14 | 000,311,808 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\LOLUtils.dll
MOD - [2012.08.22 07:28:40 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Launcher.dll
MOD - [2012.08.22 07:28:28 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Air.dll
MOD - [2012.08.22 07:28:10 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Recorder.dll
MOD - [2012.08.17 16:59:40 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\LOLReplay\Compression.dll
MOD - [2012.05.30 21:08:02 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.30 21:06:59 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\96a149ba4b2815522be9c1d99b2be593\System.Data.DataSetExtensions.ni.dll
MOD - [2012.05.30 21:06:47 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4f6f91ae9ca4f02c6a2083e617272935\UIAutomationProvider.ni.dll
MOD - [2012.05.30 21:06:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.30 21:06:37 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d366dc4740be07fae77ff39bd82b8b\System.EnterpriseServices.ni.dll
MOD - [2012.05.30 21:06:37 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1d20e8edb2de76eeb13916f96cc7d7e9\System.Transactions.ni.dll
MOD - [2012.05.30 21:06:37 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d366dc4740be07fae77ff39bd82b8b\System.EnterpriseServices.Wrapper.dll
MOD - [2012.05.30 21:06:34 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a8079623eab0ba9e106436885a0281d\System.Xml.Linq.ni.dll
MOD - [2012.05.30 21:06:16 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.30 21:06:10 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\ecc3a90b9f37eef16697078780e54544\Accessibility.ni.dll
MOD - [2012.05.30 15:39:38 | 006,841,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\24ac1dde2e59fd7d816228b87a8c7c50\System.Data.ni.dll
MOD - [2012.05.30 15:39:34 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.30 15:39:33 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.30 15:39:31 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.30 15:39:30 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.30 15:39:29 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.30 15:39:26 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\3ca79e608c5338a36466e9afffa2cbd5\System.Numerics.ni.dll
MOD - [2012.05.30 15:39:25 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.05.30 07:19:33 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll
MOD - [2012.05.30 07:18:44 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012.05.30 07:18:35 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012.05.30 07:18:07 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012.05.30 07:18:05 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll
MOD - [2012.05.30 07:18:04 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll
MOD - [2012.05.30 07:10:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012.05.30 07:09:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.30 07:09:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.30 07:09:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.30 07:09:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.30 07:09:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.24 10:10:29 | 002,686,976 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.97\deploy\LoLLauncher.exe
MOD - [2011.10.29 14:40:57 | 001,294,336 | ---- | M] () -- C:\Users\Ondrej\Desktop\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2011.09.25 13:31:55 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011.09.09 00:00:00 | 014,407,976 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011.09.09 00:00:00 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011.09.09 00:00:00 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011.09.09 00:00:00 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011.03.17 23:07:00 | 000,019,872 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.03.08 14:42:08 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\System.Data.SQLite.dll
MOD - [2011.03.08 14:42:06 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\MediaModules\LDBCShConv.dll
MOD - [2011.03.08 14:42:06 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\MediaModules\DNSe.dll
MOD - [2011.03.08 14:41:52 | 000,712,704 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\SHOWDRM_UCC.dll
MOD - [2011.03.08 14:41:50 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\drmcm.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:54:38 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.04.30 16:19:32 | 000,084,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2010.04.30 16:10:18 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.Runtime.Serialization.resources.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.03.03 11:42:16 | 000,694,824 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
MOD - [2009.03.03 11:42:12 | 000,694,824 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
MOD - [2009.03.03 11:40:46 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\Winphook.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012.10.09 17:09:33 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.12 20:09:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 19:59:53 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.07.12 19:59:38 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.04.30 16:19:36 | 000,121,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.17 19:07:24 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2009.10.15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012.09.13 07:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.05 12:44:45 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.06.16 16:47:30 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.05.29 12:48:04 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.03.14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012.03.14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012.03.14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.05.13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.05.13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.05.13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011.05.13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.04.27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.03.22 11:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.15 12:54:32 | 000,158,736 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2010.01.15 12:54:32 | 000,048,144 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2009.12.17 19:07:02 | 000,020,592 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV - [2012.10.18 13:49:33 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.05.30 15:17:44 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.05.29 13:54:38 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\..\SearchScopes\{3AE17E74-EABE-4cce-ACB2-ACD9FBDD645C}: "URL" = http://search.yahoo.com/search?p={searc ... type=STDVM
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\..\SearchScopes\{8B660BE7-943B-4968-A1AC-13C7DE3E9745}: "URL" = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\..\SearchScopes\{C32377A3-8EA0-45b8-9F0A-2B0B8EBB6FE9}: "URL" = http://www.google.com/cse?cx=partner-pu ... 4067623346
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-818844184-144965152-1167717117-1001\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No CLSID value found
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1001\..\SearchScopes\{C364F53A-1545-40c5-BE70-D1720DEE22D7}: "URL" = http://www.google.com/custom?client=pub ... earchTerms}
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1001\..\SearchScopes\{F12530A3-CAAB-4f29-930C-D1DAA54BE24B}: "URL" = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
IE - HKU\S-1-5-21-818844184-144965152-1167717117-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnI=I%27m ... e=UTF-8&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ondrej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.09.29 12:55:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 17:29:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.12 20:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.09.29 12:55:54 | 000,000,000 | ---D | M]

[2012.05.29 10:49:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondrej\AppData\Roaming\Mozilla\Extensions
[2012.10.14 17:29:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\extensions
[2012.05.29 20:42:43 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Ondrej\AppData\Roaming\Mozilla\Firefox\Profiles\5bh6hcvu.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2012.10.12 20:05:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.12 20:09:12 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.03 08:59:20 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2012.08.30 18:39:44 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.30 18:39:44 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.30 18:39:44 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.30 18:39:44 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.30 18:39:44 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Blekko (Enabled)
CHR - default_search_provider: search_url = http://blekko.com/ws/?source=c3348dd4&t ... earchTerms}
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2012.10.14 21:02:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-818844184-144965152-1167717117-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-818844184-144965152-1167717117-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8C720E5-138E-4046-9CC3-4C3C7D0F137B}: NameServer = 212.158.128.2
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.ffds - ff_vfw.dll ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.lags - lagarith.dll ( )
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.g723 - g723.acm File not found
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.I263 - C:\Windows\SysWow64\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i263_32.drv (Intel Corporation)
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.lags - C:\Windows\SysWow64\Lagarith.dll ( )
Drivers32: vidc.tm2a - C:\Windows\SysWow64\tm2a.dll (The Duck Corporation)
Drivers32: vidc.tm2x - C:\Windows\SysWow64\tm2x.dll (The Duck Corporation)
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.10.18 16:54:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ondrej\Desktop\OTL.exe
[2012.10.17 22:35:42 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.14 21:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.14 21:25:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.14 20:51:48 | 001,678,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Ondrej\Desktop\rkill.com
[2012.10.14 17:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.14 17:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.10.14 16:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012.10.14 15:56:47 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\Malwarebytes
[2012.10.14 15:28:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.12 21:30:05 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.12 21:30:04 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.12 21:28:34 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.12 21:28:34 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.12 21:28:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.12 21:28:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.12 21:28:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.12 21:28:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.12 21:28:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.12 21:28:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.12 21:28:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.12 21:28:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.12 21:28:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.12 21:28:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.12 21:28:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.12 21:28:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.12 21:28:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.12 21:28:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.12 21:28:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.12 21:28:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.12 21:28:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.12 21:27:24 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.12 21:27:24 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.12 21:27:24 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.12 21:27:07 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.12 20:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.09 17:34:28 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.10.09 17:34:28 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.10.09 17:34:28 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.10.09 17:34:28 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.10.09 17:34:28 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.10.09 17:34:28 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.10.09 17:34:28 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.10.09 17:34:28 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.10.09 17:34:27 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.10.09 17:34:27 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.10.09 17:34:27 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.10.09 17:34:27 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.10.09 17:34:27 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.10.09 17:34:27 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.10.09 17:34:27 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.10.09 17:34:27 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012.10.09 17:34:27 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012.10.09 17:34:26 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012.10.09 17:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.10.09 17:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012.10.09 17:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2012.10.09 17:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2012.10.09 17:08:36 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\Autodesk
[2012.10.09 17:08:36 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Local\Autodesk
[2012.10.09 17:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2012.10.09 17:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\AutoCAD 2010
[2012.10.09 17:01:35 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\Desktop\autocad-2010-cz-win64
[2012.10.07 14:13:36 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\Desktop\LOLReplay
[2012.10.07 14:07:55 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\Documents\LOLReplay
[2012.10.07 14:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2012.10.07 09:41:44 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\Desktop\League of Legends SJ
[2012.10.05 21:34:29 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\VirtualBox VMs
[2012.10.05 13:42:42 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
[2012.10.03 20:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012.10.03 20:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012.10.03 19:22:56 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Local\SKIDROW
[2012.10.02 22:09:55 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\.VirtualBox
[2012.10.02 22:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.10.02 22:08:38 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.10.02 20:04:14 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\SpeedyPC Software
[2012.10.02 20:04:14 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\DriverCure
[2012.10.02 19:20:41 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012.10.02 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\Anvisoft
[2012.10.02 19:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012.10.02 19:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2012.10.02 19:10:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2012.10.02 18:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.10.02 18:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012.10.02 17:12:33 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.02 17:12:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.02 17:12:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.02 17:12:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.02 17:12:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.02 17:12:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.02 17:12:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.02 17:12:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.02 17:12:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.02 17:12:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.02 17:12:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.02 17:12:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.02 17:12:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.02 17:12:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.02 17:12:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.02 17:11:45 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.10.02 17:11:23 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.10.02 17:10:46 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.02 17:10:46 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.10.02 17:10:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.10.02 17:10:08 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.02 17:10:08 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.10.02 17:10:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.10.02 17:09:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.02 17:09:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.10.02 17:09:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.10.02 17:09:02 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.10.02 17:08:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.10.02 17:08:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.10.02 17:08:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.10.02 17:07:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.02 17:06:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.10.02 17:06:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.10.02 17:05:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.10.02 17:05:54 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.10.02 17:05:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.10.02 17:05:47 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.10.02 17:05:47 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.10.02 17:05:39 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.10.02 17:01:44 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.10.02 16:48:11 | 000,024,960 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012.10.02 16:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012.10.02 16:33:55 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\IObit
[2012.10.02 16:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012.10.02 16:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012.09.29 12:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.09.29 12:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.09.29 12:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.09.26 18:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecs for Windows 7 Pack
[2012.09.26 18:47:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2012.09.24 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Roaming\Soldat
[2012.09.24 20:05:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Payday The Heist
[2012.09.24 19:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.09.24 19:40:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012.09.24 18:56:40 | 000,000,000 | ---D | C] -- C:\Users\Ondrej\AppData\Local\PAYDAY
[2012.09.24 17:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.09.24 17:48:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.09.24 17:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2012.09.18 20:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Left 4 Dead 2

[DalrondX]

Posílám log z OTL.txt část 2.

========== Files - Modified Within 30 Days ==========

[2012.10.18 19:25:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.18 18:58:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.18 16:54:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ondrej\Desktop\OTL.exe
[2012.10.18 13:57:12 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.18 13:57:12 | 000,016,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.18 13:55:32 | 002,523,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.18 13:55:32 | 000,747,382 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012.10.18 13:55:32 | 000,678,326 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.10.18 13:55:32 | 000,663,794 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.18 13:55:32 | 000,163,108 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012.10.18 13:55:32 | 000,146,216 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.10.18 13:55:32 | 000,125,924 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.18 13:49:33 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.10.18 13:49:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.18 13:49:22 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.14 21:44:58 | 000,935,175 | ---- | M] () -- C:\Users\Ondrej\Desktop\RSITx64.exe
[2012.10.14 21:02:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.10.14 20:51:58 | 001,678,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Ondrej\Desktop\rkill.com
[2012.10.14 20:41:15 | 000,538,941 | ---- | M] () -- C:\Users\Ondrej\Desktop\adwcleaner.exe
[2012.10.14 17:12:09 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.14 14:14:57 | 000,000,644 | RHS- | M] () -- C:\Users\Ondrej\ntuser.pol
[2012.10.12 21:30:05 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.12 21:30:04 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.12 21:28:34 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.12 21:28:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.12 21:28:34 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.12 21:28:34 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.12 21:28:34 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.12 21:28:34 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.12 21:28:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.12 21:28:34 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.12 21:28:34 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.12 21:28:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.12 21:28:34 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.12 21:28:34 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.12 21:28:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.12 21:28:33 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.12 21:28:33 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.12 21:28:27 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.12 21:28:27 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.12 21:28:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.12 21:28:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.12 21:28:26 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.12 21:28:26 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.12 21:28:26 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.12 21:27:24 | 005,559,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.12 21:27:24 | 003,968,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.12 21:27:24 | 003,914,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.12 21:27:07 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.12 15:20:08 | 000,045,270 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\room_v3.dat
[2012.10.10 20:13:58 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 14:32:15 | 000,001,901 | ---- | M] () -- C:\Users\Ondrej\Desktop\Clownfish.lnk
[2012.10.10 06:43:13 | 000,509,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.09 19:59:52 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.09 19:59:52 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.09 17:46:45 | 000,001,993 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.10.09 17:46:45 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.10.09 17:09:13 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2010 - česky.lnk
[2012.10.05 13:43:23 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.10.05 13:43:23 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.10.03 22:30:31 | 000,004,276 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\kaos
[2012.10.02 22:09:11 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.10.02 18:54:39 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20121014-110305.backup
[2012.10.02 17:12:33 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.02 17:12:33 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.02 17:12:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.02 17:12:33 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.02 17:12:33 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.02 17:12:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.02 17:12:32 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.02 17:12:32 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.02 17:12:32 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.02 17:12:32 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.02 17:12:32 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.02 17:12:32 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.02 17:12:32 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.02 17:12:31 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.02 17:12:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.02 17:11:45 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.10.02 17:11:23 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.10.02 17:10:46 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.02 17:10:46 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.10.02 17:10:28 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.10.02 17:10:08 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.02 17:10:08 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.10.02 17:10:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.10.02 17:09:50 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.02 17:09:50 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.10.02 17:09:50 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.10.02 17:09:02 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.10.02 17:08:48 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.10.02 17:08:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.10.02 17:08:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.10.02 17:07:07 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.02 17:06:26 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.10.02 17:06:26 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.10.02 17:05:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.10.02 17:05:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.10.02 17:05:54 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.10.02 17:05:47 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.10.02 17:05:47 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.10.02 17:05:39 | 001,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.10.02 17:01:44 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.09.30 19:10:56 | 262,562,351 | ---- | M] () -- C:\Users\Ondrej\Desktop\Elita.rar
[2012.09.24 20:37:53 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
[2012.09.24 20:08:11 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Payday The Heist.lnk
[2012.09.24 19:40:41 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.09.24 17:48:26 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.09.18 21:13:48 | 000,001,147 | ---- | M] () -- C:\Users\Ondrej\Desktop\L4D2 SDK Launcher.lnk
[2012.09.18 21:13:47 | 000,001,097 | ---- | M] () -- C:\Users\Ondrej\Desktop\L4D2 NonSteam Guide.lnk
[2012.09.18 21:13:47 | 000,001,092 | ---- | M] () -- C:\Users\Ondrej\Desktop\L4D2 Control Panel.lnk

========== Files Created - No Company Name ==========

[2012.10.18 16:57:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.14 21:44:55 | 000,935,175 | ---- | C] () -- C:\Users\Ondrej\Desktop\RSITx64.exe
[2012.10.14 20:41:10 | 000,538,941 | ---- | C] () -- C:\Users\Ondrej\Desktop\adwcleaner.exe
[2012.10.14 17:12:09 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.09 17:09:13 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2010 - česky.lnk
[2012.10.07 14:06:44 | 000,001,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.10.07 14:06:44 | 000,001,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2012.10.07 14:06:44 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2012.10.03 21:03:28 | 000,004,276 | ---- | C] () -- C:\Users\Ondrej\AppData\Roaming\kaos
[2012.10.02 22:09:11 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.09.30 19:09:35 | 262,562,351 | ---- | C] () -- C:\Users\Ondrej\Desktop\Elita.rar
[2012.09.24 20:37:53 | 000,000,000 | R--- | C] () -- C:\logwmemory.bin
[2012.09.24 19:40:41 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.09.24 18:01:50 | 000,000,918 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Payday The Heist.lnk
[2012.09.24 18:01:50 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Payday The Heist.lnk
[2012.09.24 17:48:26 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.09.12 23:45:38 | 000,045,270 | ---- | C] () -- C:\Users\Ondrej\AppData\Roaming\room_v3.dat
[2012.09.02 14:59:34 | 000,147,112 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.08.26 23:10:34 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012.08.26 23:03:11 | 000,000,644 | RHS- | C] () -- C:\Users\Ondrej\ntuser.pol
[2012.08.21 05:15:22 | 003,978,240 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012.08.21 05:14:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.21 05:12:48 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012.08.21 05:12:34 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012.08.21 05:12:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012.08.21 05:12:30 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012.08.21 05:12:28 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012.08.21 05:12:28 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012.08.21 05:12:28 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012.08.21 05:12:24 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2012.08.15 09:43:05 | 000,013,840 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2012.08.04 18:55:39 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.07.19 20:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012.07.19 20:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012.07.19 20:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012.07.19 20:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012.07.19 20:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012.07.19 20:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012.07.19 20:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2012.07.17 11:55:23 | 000,000,094 | ---- | C] () -- C:\Users\Ondrej\AppData\Local\fusioncache.dat
[2012.07.12 17:46:33 | 000,282,472 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.12 17:46:30 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.12 17:46:27 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.07.04 09:33:52 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll
[2012.06.24 14:40:37 | 000,007,597 | ---- | C] () -- C:\Users\Ondrej\AppData\Local\resmon.resmoncfg
[2012.05.29 10:44:30 | 002,555,428 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.05.29 10:37:36 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.05.29 10:27:10 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.05.29 10:26:10 | 000,007,432 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys
[2012.05.23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.05.23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.05.23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.05.23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.03.08 14:41:06 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011.03.03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011.03.03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.10.02 17:06:46 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.10.02 17:06:46 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.09.08 20:02:22 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\.anki
[2012.10.02 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Anvisoft
[2012.10.11 21:55:20 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Autodesk
[2012.10.17 21:09:49 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BitComet
[2012.07.13 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BSplayer
[2012.06.24 20:17:36 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO
[2012.06.23 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\ConMet
[2012.10.12 21:23:24 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DAEMON Tools Lite
[2012.10.02 19:37:03 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DeepBurner
[2012.05.29 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DisplayTune
[2012.10.02 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DriverCure
[2012.06.24 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\esmska
[2012.10.12 14:58:57 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\GarenaPlus
[2012.10.02 16:36:15 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\IObit
[2012.06.07 21:13:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LG Electronics
[2012.07.02 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LolClient
[2012.05.29 11:26:41 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LolClient2
[2012.09.04 15:16:37 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\mplayer
[2012.08.26 17:33:08 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\PFStaticIP
[2012.06.02 15:01:27 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Samsung
[2012.09.24 20:36:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Soldat
[2012.10.02 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\SpeedyPC Software
[2012.09.14 13:27:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Temp
[2012.10.14 17:14:17 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\TS3Client
[2012.10.03 18:42:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Tunngle
[2012.08.23 10:10:54 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Unity

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,614 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.09.17 18:34:29 | 000,000,838 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.10.02 17:10:46 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.10.02 17:10:46 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\erdnt\cache64\tcpip.sys
[2012.10.02 17:10:46 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.02 17:10:46 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2544bf80e6d8197c50bf8303bcd215f7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2544bf80e6d8197c50bf8303bcd215f7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4863c1ae6d4e7497f1fb128e32589396\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4863c1ae6d4e7497f1fb128e32589396\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\581d605734499990c5064e2164715b7a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\581d605734499990c5064e2164715b7a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c6ff597ca4b3da52b54ef1f9ad7d61b2\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c6ff597ca4b3da52b54ef1f9ad7d61b2\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

[DalrondX]

Posílám log z OTL.txt část 3.

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.09.08 20:02:22 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\.anki
[2012.06.05 11:39:37 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Adobe
[2012.06.04 10:24:40 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\AdobeUM
[2012.10.02 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Anvisoft
[2012.10.11 21:55:20 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Autodesk
[2012.10.17 21:09:49 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BitComet
[2012.07.13 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BSplayer
[2012.06.24 20:17:36 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO
[2012.06.23 20:33:36 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\ConMet
[2012.10.12 21:23:24 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DAEMON Tools Lite
[2012.10.02 19:37:03 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DeepBurner
[2012.05.29 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DisplayTune
[2012.10.02 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\DriverCure
[2012.06.24 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\esmska
[2012.10.12 14:58:57 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\GarenaPlus
[2012.09.24 21:05:25 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Hamachi
[2012.05.29 09:22:21 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Identities
[2012.05.29 10:17:46 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\InstallShield
[2012.10.02 16:36:15 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\IObit
[2012.06.07 21:13:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LG Electronics
[2012.07.02 17:07:21 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LolClient
[2012.05.29 11:26:41 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\LolClient2
[2012.05.29 10:44:04 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Macromedia
[2012.10.14 15:56:47 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Malwarebytes
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Media Center Programs
[2012.10.17 18:14:22 | 000,000,000 | --SD | M] -- C:\Users\Ondrej\AppData\Roaming\Microsoft
[2012.09.02 19:52:34 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\mIRC
[2012.05.29 10:49:47 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Mozilla
[2012.09.04 15:16:37 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\mplayer
[2012.10.03 20:51:05 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\NVIDIA
[2012.08.26 17:33:08 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\PFStaticIP
[2012.06.02 15:01:27 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Samsung
[2012.10.18 19:36:33 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Skype
[2012.09.24 20:36:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Soldat
[2012.10.02 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\SpeedyPC Software
[2012.09.14 13:27:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Temp
[2012.10.14 17:14:17 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\TS3Client
[2012.10.03 18:42:32 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Tunngle
[2012.08.23 10:10:54 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\Unity
[2012.05.29 10:16:43 | 000,000,000 | ---D | M] -- C:\Users\Ondrej\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Ondrej\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2012.10.11 02:34:02 | 000,596,920 | ---- | M] (ml) -- C:\Users\Ondrej\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.10.18 18:58:00 | 000,000,838 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.03.07 11:52:50 | 001,165,408 | ---- | M] () -- \Downloads\GOTCHA! Paintball\Gotcha! No-CD Crack (Fr).rar
[2012.09.23 17:52:09 | 000,000,117 | ---- | M] () -- \Downloads\PAYDAY.The.Heist.v1.12.2.Update.incl.DLC-SKIDROW\SKIDROW CRACK.url
[2010.08.06 23:23:48 | 000,000,403 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010.08.06 23:23:48 | 000,020,362 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010.08.06 23:23:48 | 000,020,539 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010.08.06 23:23:48 | 000,019,081 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010.08.07 00:00:56 | 000,013,009 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010.08.27 07:33:12 | 000,014,477 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010.08.06 23:50:20 | 000,094,462 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010.08.27 07:33:24 | 000,065,436 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010.08.06 23:50:02 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010.08.06 23:50:02 | 000,016,101 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010.08.06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010.08.06 23:50:02 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010.08.06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010.08.27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010.08.06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010.08.06 23:50:04 | 000,000,410 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010.08.06 23:50:02 | 000,000,933 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010.08.06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010.08.06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010.08.06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010.08.27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010.08.06 23:50:04 | 000,000,409 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010.08.06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010.08.06 23:50:02 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010.08.06 23:49:16 | 000,062,915 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010.08.27 07:33:40 | 000,037,741 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010.08.06 23:48:40 | 000,019,532 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010.08.27 07:33:50 | 000,017,545 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2011.11.23 16:28:12 | 000,594,432 | ---- | M] () -- \Program Files (x86)\Dead Island\zDoNOTRunThis-originalNotCracked-DeadIslandGame_update7_bba_original.exe_
[2012.02.03 15:07:10 | 001,099,940 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\BG\Extension_01\Original\EX01_BlackCrack_OBJ.gpk
[2012.02.03 15:29:52 | 008,695,706 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone.gpk
[2012.02.03 15:29:54 | 006,332,931 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone_ANI.gpk
[2011.12.14 07:41:08 | 000,685,163 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\Black_Crack_Wall.gpk

< *keygen* /s >

< *loader* /s >
[2012.05.19 11:42:03 | 000,020,992 | R--- | M] () -- \$WINDOWS.~BT\Sources\en-us\upgloader.dll.mui
[2012.09.18 12:35:42 | 000,058,880 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2012.09.18 12:35:42 | 003,465,909 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2012.09.18 12:35:42 | 000,032,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2012.09.18 12:35:42 | 000,001,140 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2012.09.18 12:35:42 | 000,000,504 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2012.09.18 12:35:42 | 000,009,492 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2012.09.18 12:35:42 | 000,001,072 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2012.09.18 12:35:42 | 000,000,518 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2012.09.18 12:35:42 | 000,009,746 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2012.09.18 12:35:42 | 000,001,098 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2012.09.18 12:35:42 | 000,000,514 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2012.09.18 12:35:42 | 000,009,610 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2012.09.18 12:35:42 | 000,001,068 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2012.09.18 12:35:42 | 000,000,530 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2012.09.18 12:35:42 | 000,009,798 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2012.09.18 12:35:42 | 000,000,946 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2012.09.18 12:35:42 | 000,000,502 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2012.09.18 12:35:42 | 000,009,486 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2010.11.25 22:19:12 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Anki\_win32sysloader.pyd
[2006.09.08 11:55:04 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Borland\BDS\4.0\Welcomepage\js\wpLoader.js
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.08.13 11:09:00 | 000,045,056 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2012.08.30 15:43:14 | 002,984,960 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2012.09.19 16:42:41 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\BTalkLoader.exe
[2012.09.05 16:30:58 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10058\BTalkLoader.exe
[2012.09.19 16:42:14 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10060\BTalkLoader.exe
[2012.09.19 16:42:28 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10062\BTalkLoader.exe
[2012.10.02 16:35:00 | 000,605,568 | ---- | M] () -- \Program Files (x86)\IObit\Advanced SystemCare 3\free-software-downloader.exe
[2012.05.03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.05.03 18:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.05.21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.05.21 04:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.08.08 17:21:08 | 000,070,944 | ---- | M] () -- \Program Files (x86)\Payday The Heist\PhysXLoader.dll
[2011.03.17 23:05:56 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.03.17 23:07:18 | 000,131,984 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2009.02.04 05:08:46 | 000,032,616 | ---- | M] () -- \Program Files\AutoCAD 2010\AecLoader.arx
[2010.03.15 11:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.07.09 15:11:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.07.09 15:11:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012.07.10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2012.09.02 15:48:16 | 000,003,418 | ---- | M] () -- \Users\Ondrej\BykiDownloader.log
[2012.05.29 12:48:12 | 000,057,728 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,057,728 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,057,728 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,057,728 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,057,728 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,061,770 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.05.29 12:48:12 | 000,061,770 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.10.15 15:10:28 | 000,105,903 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5THMWI09\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.10.16 19:09:36 | 000,000,374 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5THMWI09\queryLoader[1].css
[2012.10.17 15:52:12 | 000,005,708 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5THMWI09\queryLoader[1].js
[2012.10.17 15:52:11 | 000,000,374 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5THMWI09\queryLoader[2].css
[2012.10.18 19:45:23 | 000,000,374 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MR9BLL1O\queryLoader[1].css
[2012.10.16 19:09:37 | 000,005,708 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MR9BLL1O\queryLoader[1].js
[1 \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MR9BLL1O\*.tmp files -> \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MR9BLL1O\*.tmp -> ]
[2012.10.18 19:45:24 | 000,005,708 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWXBYX4S\queryLoader[1].js
[2012.10.15 15:10:28 | 000,000,753 | ---- | M] () -- \Users\Ondrej\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7DP7ART\AdLoader[1].htm
[2009.02.04 05:08:46 | 000,032,616 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\AecLoader.arx
[2010.11.02 12:36:12 | 000,000,404 | ---- | M] () -- \Users\Ondrej\Desktop\League of Legends SJ\RADS\projects\lol_air_client\releases\0.0.0.208\deploy\assets\storeImages\layout\small_loader.gif
[2012.08.30 08:06:20 | 000,000,404 | ---- | M] () -- \Users\Ondrej\Desktop\League of Legends SJ\RADS\projects\lol_air_client\releases\0.0.0.208\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2010.11.02 12:36:12 | 000,000,404 | ---- | M] () -- \Users\Ondrej\Desktop\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.217\deploy\assets\storeImages\layout\small_loader.gif
[2012.08.30 08:06:20 | 000,000,404 | ---- | M] () -- \Users\Ondrej\Desktop\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.217\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2012.06.04 14:38:06 | 000,292,736 | ---- | M] () -- \Users\Ondrej\Downloads\Brothersoft_downloader_For_BS_Player.exe
[2012.09.02 15:42:17 | 000,365,032 | ---- | M] () -- \Users\Ondrej\Downloads\BYKIDownloaderPC.exe
[2012.07.29 12:49:28 | 004,110,768 | ---- | M] () -- \Users\Ondrej\Downloads\jimmy_carr_telling_jokes_dvdrip_xvid_haggis_downloader_98865a.exe
[2012.10.14 17:04:49 | 004,157,360 | ---- | M] () -- \Users\Ondrej\Downloads\regtweaker_3.2.2_serial_number.rar_downloader_224.exe
[2012.05.29 11:21:22 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2012.10.12 21:28:33 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.08.08 17:32:40 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.05.03 12:45:42 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.10.12 21:28:33 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.08.08 17:32:40 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.05.03 12:45:42 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.09.06 19:38:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf.manifest
[2012.09.06 19:38:20 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf_winload.efi.mui_35ee487d
[2012.09.06 19:38:20 | 000,035,408 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf_winload.exe.mui_3bc5b827
[2012.09.06 19:38:20 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf_winresume.efi.mui_f412814e
[2012.09.06 19:38:20 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf_winresume.exe.mui_ff8b5358
[2012.05.29 14:23:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.05.29 14:23:35 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.05.29 14:23:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.05.29 14:23:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.05.29 14:23:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.13 19:18:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_es-es_d2590890fddbcebf.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:22 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.12 21:28:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2012.10.17 21:09:49 | 000,040,292 | ---- | M] () -- \Users\Ondrej\AppData\Roaming\BitComet\rules\dhtnodes.dat

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.10.06 14:29:46 | 000,106,583 | ---- | M] () -- \Program Files (x86)\LG Electronics\LG PC Suite III\BTADPT_W32Serial_d.dll
[2009.02.10 18:02:00 | 000,065,536 | ---- | M] () -- \Program Files (x86)\LG Electronics\LG PC Suite III\libSerialPort.dll
[2008.06.09 16:06:50 | 000,106,583 | ---- | M] () -- \Program Files (x86)\LG Electronics\LG PC Suite III\Applications\BTADPT_W32Serial_d.dll
[2008.10.21 10:32:54 | 000,065,536 | ---- | M] () -- \Program Files (x86)\LG Electronics\LG PC Suite III\Applications\libSerialPort.dll
[2011.03.10 00:43:26 | 000,413,696 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2012.06.11 13:24:15 | 001,186,816 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2002.03.07 14:59:10 | 000,002,306 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\doc\ISerializable.aspx
[2002.03.07 14:59:10 | 000,001,628 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\doc\serialize.aspx
[2002.02.20 17:47:24 | 000,001,355 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\include\SerializationHeader.inc
[2002.02.20 17:47:24 | 000,001,522 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\include\XMLSerializationHeader.inc
[2002.03.07 14:59:10 | 000,000,113 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\ISerializable.src
[2002.04.08 12:53:24 | 000,005,786 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cp\ISerializable.cpp
[2003.03.28 16:52:30 | 000,007,680 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cp\ISerializable.exe
[2003.03.28 16:52:30 | 000,023,125 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cp\ISerializable.obj
[2002.04.08 12:53:24 | 000,005,243 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cs\ISerializable.cs
[2003.03.28 16:52:28 | 000,008,704 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cs\ISerializable.exe
[2003.03.28 16:52:28 | 000,019,968 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\cs\ISerializable.pdb
[2003.03.28 16:52:30 | 000,009,728 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\vb\ISerializable.exe
[2003.03.28 16:52:30 | 000,026,112 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\vb\ISerializable.pdb
[2002.04.08 12:53:24 | 000,006,497 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\iserializable\vb\ISerializable.vb
[2002.03.07 14:59:10 | 000,000,098 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\serialize.src
[2002.04.08 12:53:24 | 000,002,049 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cp\Serialize.cpp
[2003.03.28 16:52:32 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cp\Serialize.exe
[2003.03.28 16:52:32 | 000,008,719 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cp\Serialize.obj
[2002.04.08 12:53:24 | 000,001,950 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cs\Serialize.cs
[2003.03.28 16:52:32 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cs\Serialize.exe
[2003.03.28 16:52:32 | 000,011,776 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\cs\Serialize.pdb
[2003.03.28 16:52:32 | 000,006,656 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\vb\Serialize.exe
[2003.03.28 16:52:32 | 000,011,776 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\vb\Serialize.pdb
[2002.04.08 12:53:24 | 000,002,136 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\QuickStart\howto\samples\serialization\serialize\vb\Serialize.vb
[2002.03.15 11:07:52 | 000,003,135 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Remoting\Advanced\Serialization\ISerializable\ISerializableClient.cs
[2002.06.21 10:55:06 | 000,003,383 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\cs\SerializationCS.csproj
[2002.06.21 10:55:06 | 000,001,013 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\cs\SerializationCS.sln
[2002.04.10 18:07:04 | 000,007,769 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\cs\Serialize.cs
[2002.06.21 10:55:10 | 000,000,940 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\vb\SerializationVB.sln
[2002.06.21 10:55:10 | 000,003,167 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\vb\SerializationVB.vbproj
[2002.04.10 18:08:42 | 000,010,361 | ---- | M] () -- \Program Files (x86)\Microsoft.NET\SDK\v1.1\Samples\Technologies\Serialization\vb\Serialize.vb
[2007.03.07 13:27:58 | 000,006,597 | ---- | M] () -- \Program Files (x86)\Paragon Software\Partition Manager 8.5 Professional\Program\Resource\html\Help\Change_Serial_Number_of_a_Partition.htm
[2007.03.07 13:27:22 | 000,007,276 | ---- | M] () -- \Program Files (x86)\Paragon Software\Partition Manager 8.5 Professional\Program\Resource\ui\hdmdlg_setpartserial.ui
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:00:14 | 000,098,304 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\es\System.RunTime.Serialization.Resources.dll
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:00:32 | 000,098,304 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.RunTime.Serialization.Resources.dll
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\de-DE\Webdepot\RTSerialNumberHelp.html
[2008.05.08 18:14:18 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\en-US\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\es-ES\Webdepot\RTSerialNumberHelp.html
[2008.08.06 10:22:56 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\fr-FR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\hu-HU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\it-IT\Webdepot\RTSerialNumberHelp.html
[2008.05.08 18:14:18 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\ja-JP\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\ko-KR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\pl-PL\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:46 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\pt-BR\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\ru-RU\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\zh-CN\Webdepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Users\Ondrej\Desktop\autocad-2010-cz-win64\AutoCad 2010 CZ Win64\x64\acad\Program Files\Root\Common Files (64-bit) Folder\Autodesk Shared\AdLM\R1\zh-TW\Webdepot\RTSerialNumberHelp.html
[2012.06.04 17:13:20 | 018,255,782 | ---- | M] () -- \Users\Ondrej\Desktop\flash 4gb\Programy\BS.Player-PRO-2.61-Build-1065-Final-Incl-Serials.rar
[2012.09.29 18:58:51 | 139,573,034 | ---- | M] () -- \Users\Ondrej\Desktop\Hry+filmy na mobil\Spiderman-v-akci--serial,1.dil.wmv
[2012.07.18 16:51:38 | 018,255,782 | ---- | M] () -- \Users\Ondrej\Downloads\BS.Player-PRO-2.61-Build-1065-Final-Incl-Serials.rar
[2012.10.14 17:04:49 | 004,157,360 | ---- | M] () -- \Users\Ondrej\Downloads\regtweaker_3.2.2_serial_number.rar_downloader_224.exe
[2012.09.17 18:09:02 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_es_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:39:20 | 000,098,304 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_es_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.30 07:09:47 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.30 07:18:07 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.05.30 07:28:21 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
[2012.05.30 07:07:36 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\807759890a40e4047c35a24e64dc76d5\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.30 21:06:24 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8f0d3b706bb74e30bc81546f3b56a607\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.30 21:06:35 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d132fe6c8f229528089a5084824567a9\System.Runtime.Serialization.ni.dll
[2012.05.30 21:08:31 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\0182681020de71c8db9120c1e130bc41\System.Xml.Serialization.ni.dll
[2012.05.30 21:23:54 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a1189bf6c6fe386077a64f3170041e8d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.30 21:11:22 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd278cba8ea5d98739456e4362187ae8\System.Runtime.Serialization.ni.dll
[2012.05.30 21:26:41 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\efc103c034c69f5b47140b0052056dd5\System.Xml.Serialization.ni.dll
[2011.04.06 16:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.amd64
[2011.04.06 16:48:20 | 000,011,120 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Xml.Serialization.dll.x86
[2012.10.02 17:04:21 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.10.02 17:04:20 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.10.02 17:04:24 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2003.02.21 08:26:56 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2002.10.10 15:25:58 | 000,007,498 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.xml
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.04 17:59:44 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\es\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.04 17:59:48 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\es\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.01 12:26:40 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.13 18:45:34 | 000,005,632 | ---- | M] () -- \Windows\System32\es-ES\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.13 18:45:34 | 000,005,632 | ---- | M] () -- \Windows\SysWOW64\es-ES\serialui.dll.mui
[2009.07.14 17:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_es-es_5f4304daac2867c8\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.04 17:59:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_es-es_617418a2a916eb62\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.13 18:58:42 | 000,005,632 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_es-es_ed817b78e47d1926\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:39:20 | 000,098,304 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_es-es_fc8aac7853512e05\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:00:32 | 000,098,304 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_es-es_febbc040503fb19f\System.RunTime.Serialization.Resources.dll
[2009.07.14 17:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.13 19:00:08 | 000,011,264 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_es-es_63ccbc6d4d0eb8cf\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.05.29 14:23:07 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.05.29 14:23:07 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 17:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2012.09.06 19:38:19 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_es-es_ed817b78e47d1926_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 17:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2012.09.06 19:38:14 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_es-es_9162dff52c1fa7f0_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2009.07.14 17:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.13 19:17:56 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_es-es_8f76b875bf765005.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 17:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 14:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_es-es_30e4b256155b6899\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:39:20 | 000,098,304 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_es-es_8f76b875bf765005\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 17:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 14:14:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_es-es_6997af2ce08929c3\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 03:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.04 17:59:44 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_es-es_6bc8c2f4dd77ad5d\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 17:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.13 18:45:34 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_es-es_9162dff52c1fa7f0\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 17:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.08 10:37:52 | 000,098,304 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_es-es_a06c10f49af3bccf\System.RunTime.Serialization.Resources.dll
[2010.11.05 03:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.04 18:00:14 | 000,098,304 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_es-es_a29d24bc97e24069\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6248 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >

[DalrondX]

Posílám log z Extras.txt

OTL Extras logfile created on: 18.10.2012 19:23:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ondrej\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 35,89% Memory free
7,99 Gb Paging File | 4,11 Gb Available in Paging File | 51,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 215,62 Gb Free Space | 46,30% Space Free | Partition Type: NTFS

Computer Name: ONDREJ-PC | User Name: Ondrej | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe" = C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe:*:Enabled:Windows Messanger
"C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe" = C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe:*:Enabled:Windows Messanger
"C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe" = C:\Downloads\Borderlands.2-SKIDROW\Borderlands.2.Update.3-SKIDROW\Borderlands.2.Update.3.exe:*:Enabled:Windows Messanger
"C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe" = C:\Users\Ondrej\AppData\Roaming\RNN1GHJKIG.exe:*:Enabled:Windows Messanger


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007CADCC-FF0F-4FF7-9877-5EC15F075548}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{058FFFEE-D36E-4665-9A93-9DC5C4E4488F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0BA657F9-075A-4295-B304-832D40F5B6EB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17241605-328B-49BD-AA0D-1DB9C7FE2CA0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1D4C0C6B-0D53-46A3-BB9F-96356EED166E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{27769E87-82F3-43EB-B264-4001468BC484}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D3A7069-F389-49A4-B3B2-DEC7B79CBBB0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2DFA0216-3F43-4D14-A041-F5AD5C807FC7}" = rport=138 | protocol=17 | dir=out | app=system |
"{3CB7B35F-AFDD-461C-8ACD-FDC6626C0720}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3FC027ED-D9F4-4903-8AF8-53CDE60C6F36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{425C7089-CD16-4FE1-BFA3-8A4168E909A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B68AF1A-0AE4-4973-B44A-E936619B315C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AAABAB6-EBBF-4F65-AF7E-D1753367BAAF}" = lport=20164 | protocol=6 | dir=in | name=bitcomet 20164 tcp |
"{5F002A88-9B0D-4191-8920-C888E43FAA25}" = rport=445 | protocol=6 | dir=out | app=system |
"{6190767A-4D50-4A9E-A41D-8BF9C7D9E303}" = lport=139 | protocol=6 | dir=in | app=system |
"{66933C4E-2404-41C6-B3BA-255206E2F279}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6BF4E942-8ABF-42CC-B9CF-6B9E6975423E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77D13530-E6D8-420D-9B35-436CB43FF047}" = rport=139 | protocol=6 | dir=out | app=system |
"{800DFCF6-9E5B-4DDE-8972-FDC8903C846B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{837C6258-9D40-4CA3-9F64-8E76C4B54D45}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86E2593C-C61B-4A8F-8ACB-E304FE988359}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{88E48D5E-CAF0-435C-8FA3-774BD8D7A53C}" = lport=20164 | protocol=17 | dir=in | name=bitcomet 20164 udp |
"{95CBC227-AABC-4AC9-92A2-AD0C9819A9F4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A4FD006D-317E-4C6C-B7C1-BEBD84217CE4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A974B972-1783-4999-B93D-4AA80A7896B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC20C480-0EB9-45FE-A5CB-CB0A74DEFB43}" = rport=137 | protocol=17 | dir=out | app=system |
"{B1B0B2EF-3E93-4C57-A365-BD44CB050FFC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3C685F2-14D9-46BE-8584-7314414B64DA}" = lport=137 | protocol=17 | dir=in | app=system |
"{D247005A-35FB-4BF0-96E0-CF76E11346DC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E540BF71-5861-4866-8FDD-2905EE64CE5B}" = lport=445 | protocol=6 | dir=in | app=system |
"{EF3D8A03-313C-4DB4-BF41-C626566316AD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F67B4497-D3CB-4FDF-836B-A633A8F75B03}" = lport=138 | protocol=17 | dir=in | app=system |
"{FAB44E00-8A2E-483F-BB46-C0D2542FD077}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FD94AF3C-B717-406C-B9F2-509669E0D3C1}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{087558A6-41AA-4624-88A4-0E9F244FB16E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0E95E8C9-741B-4901-AE36-49B5D56D038A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{12D8C1C3-43B8-4AC0-80A6-11D01B1CC31B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1BF6BB63-7BDB-4870-BED9-FC7C592663CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1DFFE167-9AC3-4ABE-BFF7-8510DEE2A808}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{23E474F6-8964-4E10-A409-97FE2ECF0764}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{264F2D9D-E35B-483F-805C-C35714B39D59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C8BB300-843D-41F0-8F81-EE1F9C25074A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2E4B0002-00EC-418B-A55E-6658D4BBBE31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2FF78438-9FCF-4338-A8F1-465897FA701E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{34A496B4-D9C4-47D2-838C-21FCB1B96B16}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{35E7EDB2-3F05-4E6E-A254-B2C03A3F7D9C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{364F584B-997E-4787-B03F-C6164BAFF3F6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{37BCFCBC-B66D-49D3-BDAA-D46B8DBE3831}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3A4BD7E5-ED98-4BA0-A77A-BDAF3CFA23CE}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{3F1EF839-854B-411B-889E-02857A1E4BB9}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{427DD780-6981-4B1D-B03A-B91C9E7262B7}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{4E2A8961-1F4A-4652-825B-E48C89BD1A7A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{645AC9C0-71E1-4C41-9330-00119F1267CE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6D8C9CCA-3C5C-4899-A3CD-4CFF693DA0CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80EC0228-B327-45C1-9D58-1D2E96624686}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{84734FC4-41F2-4013-8FAD-582E3C4151AC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8501CF64-F3F6-42E1-BCAA-08BF39729840}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8904DC12-B016-4AD8-B83F-4E556B85BBB1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F69D3AF-2D76-4399-A8FA-04FC35CE56C9}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{943D374C-3A14-4A23-BF96-D80925AEA773}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94F144B8-1C28-4BD1-99A3-7863D5D5F61F}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{9820E6E4-B8C0-4CDB-8ED0-1F2FC316B1D4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{98D72085-1E64-433A-94CF-0A214E903236}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{994875F0-F364-4FF0-8A9E-0C392ED08A35}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{9A1D8AEF-313D-4C85-963A-DCA434E87ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{A4D71193-049D-4D01-9E17-1540EFBDAD73}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A83A135F-C49F-4703-978C-AF5A4F20FB1E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AA543EDA-A109-431F-B2B7-663B3956367A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAF5B17A-B0A0-41C2-87D8-6DF8FFF4E91F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C1F1D51F-9AC1-4827-B195-7B5B9FDA36F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CF5464C8-734B-4BE7-B796-34887BF32A52}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CFF2BEAA-75E2-4941-ADE6-52344671A079}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB6B1327-F532-40C3-8292-34C6005449D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5F7178C-FB6F-48E7-B8AC-A44B14AC3525}" = protocol=6 | dir=out | app=system |
"{E9646F57-98E9-4418-812E-1C3EF59EB095}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{6847A8A0-1AFF-4147-9B1E-5BBCABA8F04E}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{75CDB418-C87E-4B2A-ABFB-9FDDCD5B1326}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{7668015E-1D3E-4DC5-9539-B78A96D20058}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{B94DAB2F-ED00-473F-9350-1AB097B7C868}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{E2A62CC4-029B-4D54-9A1C-E14EAA02CB6B}C:\program files (x86)\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dead island\deadislandgame.exe |
"UDP Query User{229D0999-961F-47B2-8ED2-ED576669C2A2}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{23E3E1E3-C1D5-402D-821D-75D9501BF2B2}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{7AAD6A56-A72A-4B6F-9372-896F6BE08B03}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{8BA8744D-481F-4874-9808-0501FDA12D53}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{CFD6DBCC-862F-4286-82D2-3A2DE3324C97}C:\program files (x86)\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dead island\deadislandgame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{5783F2D7-8001-0405-0102-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1102-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8D6D29ED-01AC-4A00-8F30-69E1246E4EC3}" = ESET NOD32 Antivirus
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8ECC12DC-7819-402A-B54E-A991558C81B1}" = Oracle VM VirtualBox 4.2.0
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Controlador de 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel de control de NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Controlador de gráficos 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Controlador de la controladora 3D Vision 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software del sistema PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Actualización de NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Controlador de audio HD 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
":-)mojelogo SMS ToolBar v4.3_is1" = :-)mojelogo SMS ToolBar v4.3.3.5
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{2515EAA9-AE9F-4F0A-8301-B40034838B8A}" = Livestream Procaster
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0728.1
"{49CC1A6A-3A1A-4EE7-913F-8106B51B59D1}" = Paragon Partition Manager 8.5 Professional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61FFF5E3-1D08-4F66-AC29-EF61963F2619}" = pCon.planner 6.4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F35D5AE-3D28-4408-8731-59972AE27657}" = LG PC Suite III
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7ED5371F-F4EA-48F9-B8F7-C8777AD9DF69}" = Borland Turbo C++
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A586DC50-B18D-48FB-B7CC-A598200457C2}" = Acer eDisplay Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BE9EABD3-18D3-40BA-8885-346CBE9E263A}_is1" = I Am Alive
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.0525.1
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EB9BD1D5-8DFB-48C4-927B-10BB47CA59B3}" = Microsoft .NET Framework SDK (English) 1.1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Anki" = Anki
"AntiKomár_is1" = AntiKomár
"BitComet" = BitComet 1.31
"Borderlands 2_is1" = Borderlands 2
"BSPlayerf" = BS.Player FREE
"BSPlayerp" = BS.Player PRO
"Byki Express" = Byki Express
"Clownfish" = Clownfish for Skype
"Codecs for Windows 7 Pack" = Codecs for Windows 7 Pack 4.0.5
"CodInstl" = Intel A/V Codecs V2.0
"ConMet" = Connection Meter
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps
"GameParkClient_is1" = GamePark
"GeoGebra" = GeoGebra
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0728.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.0525.1
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LinguaSaver_11" = LinguaSaver_11
"LOLReplay" = LOLReplay
"mIRC" = mIRC
"Mozilla Firefox 16.0.1 (x86 cs)" = Mozilla Firefox 16.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Payday The Heist (c) OVERKILL Software_is1" = Payday The Heist (c) OVERKILL Software version 1
"pCon.planner 6.4" = pCon.planner 6.4
"Portforward Static IP Address" = Portforward Static IP Address 1.0.47
"SpeedFan" = SpeedFan (remove only)
"TmNationsForever_is1" = TmNationsForever
"TrueMotion Compression Toolkit" = TrueMotion Compression Toolkit
"Tunngle beta_is1" = Tunngle beta

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-818844184-144965152-1167717117-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.10.2012 15:39:00 | Computer Name = Ondrej-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 14.10.2012 15:39:00 | Computer Name = Ondrej-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 14.10.2012 15:39:00 | Computer Name = Ondrej-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 14.10.2012 15:39:00 | Computer Name = Ondrej-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 15.10.2012 11:56:15 | Computer Name = Ondrej-PC | Source = Service1 | ID = 0
Description = Službu nelze spustit. Proces služby se nemohl připojit k síťovému
řadiči

Error - 15.10.2012 13:35:23 | Computer Name = Ondrej-PC | Source = Application Hang | ID = 1002
Description = Program League of Legends.exe verze 1.0.0.148 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 11b4 Čas spuštění: 01cdaafb538a8b42 Čas ukončení: 10 Cesta k aplikaci: C:\Users\Ondrej\Desktop\League
of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.192\deploy\League
of Legends.exe ID hlášení:

Error - 16.10.2012 10:19:30 | Computer Name = Ondrej-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: League of Legends.exe, verze: 1.0.0.148,
časové razítko: 0x507538bd Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x00038dc9 ID chybujícího
procesu: 0x1014 Čas spuštění chybující aplikace: 0x01cdaba8b394f8b9 Cesta k chybující
aplikaci: C:\Users\Ondrej\Desktop\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.192\deploy\League
of Legends.exe Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy:
7fb5e0cd-179c-11e2-b6e3-1c6f658ac704

Error - 17.10.2012 13:46:22 | Computer Name = Ondrej-PC | Source = Application Hang | ID = 1002
Description = Program League of Legends.exe verze 1.0.0.148 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 13e4 Čas spuštění: 01cdac8f3f57587f Čas ukončení: 21 Cesta k aplikaci: C:\Users\Ondrej\Desktop\League
of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.192\deploy\League
of Legends.exe ID hlášení: 8b2e8f83-1882-11e2-a698-1c6f658ac704

Error - 17.10.2012 13:46:37 | Computer Name = Ondrej-PC | Source = Application Hang | ID = 1002
Description = Program rads_user_kernel.exe verze 0.0.0.0 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: eac Čas spuštění: 01cdac8f55dc7229 Čas ukončení: 4 Cesta k aplikaci: C:\Users\Ondrej\Desktop\League
of Legends\RADS\system\rads_user_kernel.exe ID hlášení: 97ae0dcc-1882-11e2-a698-1c6f658ac704


Error - 17.10.2012 15:33:20 | Computer Name = Ondrej-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 16.0.1.4666, časové
razítko: 0x5076192e Název chybujícího modulu: xul.dll, verze: 16.0.1.4666, časové
razítko: 0x50761893 Kód výjimky: 0xc0000005 Posun chyby: 0x000be717 ID chybujícího
procesu: 0x5d8 Čas spuštění chybující aplikace: 0x01cdac8c1f7cf66b Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 81692089-1891-11e2-a698-1c6f658ac704

[ System Events ]
Error - 13.9.2012 14:22:31 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 14.9.2012 0:50:40 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 14.9.2012 6:13:42 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 14.9.2012 9:13:27 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7000
Description = Služba dgderdrv neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.9.2012 3:46:31 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 15.9.2012 4:28:57 | Computer Name = Ondrej-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:19:06, ?15.?9.?2012) bylo neočekávané.

Error - 15.9.2012 4:29:28 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 15.9.2012 4:45:27 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 16.9.2012 3:29:43 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM

Error - 17.9.2012 0:46:12 | Computer Name = Ondrej-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: UimBus Uim_IM


< End of report >

[Márty84]

No tak s legalitou OS to mam asi jako 80% populace vlastniku OS v ČR...

No, to je snad prehnane cislo. Ale i kdyby, vetsina aspon nepouziva takovy, ktery ani neni pro domacnosti urceny. To proste bije do oci.

Pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

Bohuzel

[DalrondX]

No tak co se dá dělat no. Ale kvůli tomuto problému si určitě kupovat originální OS nebudu. Vsadil bych se, kdybyste se zeptali většiny uživatelů zde zda mají legální OS, tak jsem si na 100% jistý, že většina odpoví ne. A to že je to do očí bijící mně nějak nenapadlo , ale tak nemám vám to za zlé. Jsou to vaše pravidla a musím je respektovat.

[Márty84]

Ultimate proste neni urceny domacnostem. Takze u teto verze jde opravdu v 99% o nelegalni OS, nebo firemni pc. Oboji je poruseni pravidel. Proto se ptam vzdy a samozrejme si to vzdy necham overit logem, ktery mi, narozdil od nekterych uzivatelu, nezalze. U beznych verzi OS se neptam, ale kdyz na to behem kontroly prijdu, smula.

I ja se temi pravidly musim ridit.

Tak se mejte