NOD32 - Adresa byla zablokována

Zpráva

Jyxo · #1 Příspěvek od **Jyxo** » 18 črc 2013 11:08

Dobrý den,

před pár dny mi NOD32 začal vyskakovat okna o zablokování adresy, viz obrázek.

Prosím o radu. Děkuji a přikládám RSIT log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Resshi at 2013-07-18 11:52:45
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 105 GB (61%) free of 172 GB
Total RAM: 6121 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:52:59, on 18.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\trend micro\Resshi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WheelMouse] C:\MSI\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [LockIndicator] C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Resshi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [F.lux] "C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NetTraffic] C:\Program Files (x86)\NetTraffic\NetTraffic.exe
O4 - HKCU\..\Run: [AIMP3] C:\Program Files (x86)\AIMP3\AIMP3.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /isolated /autorun
O4 - HKUS\S-1-5-21-4272719917-2536357416-3940710006-1014\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4272719917-2536357416-3940710006-1014\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Google Chrome.lnk = Resshi\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Startup: uTorrent.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Přidat do Evernote 4 - C:\Program Files (x86)\Evernote\\EvernoteIERes\Clip.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\nutafun4.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C083954-38A8-4A5A-81BF-DA8521FDA3E4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{C007250F-5230-4F3D-984D-0552B9A8B680}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Hry\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\System Control Manager\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows\system32\xsherlock.xem

--
End of file - 12039 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\Hry\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"taskhost.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
taskeng.exe {D71C545B-8B44-4AB8-831D-8149CD6E5AB3}
"C:\Program Files\CoreTemp64\Core Temp.exe"
"C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
WLIDSvcM.exe 2640
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe" /noshow
"C:\Program Files (x86)\NetTraffic\NetTraffic.exe"
"C:\Program Files (x86)\AIMP3\AIMP3.exe"
"C:\Program Files (x86)\QIP 2012\qip.exe" /isolated /autorun
"C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe"
"C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Resshi\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default

prefs.js - "browser.startup.homepage" - "news.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.110.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\
foxmarks@kei.com
support@lastpass.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-19 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-19 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\EvernoteIE.dll [2013-01-29 581984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1702400]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]
"THXCfg64"=C:\Windows\system32\THXCfg64.dll [2009-10-15 17920]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2011-09-22 394832]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2011-09-22 394832]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-03 1028896]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 6330568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Users\Resshi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-10 136176]
"F.lux"=C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe [2009-08-29 966656]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"NetTraffic"=C:\Program Files (x86)\NetTraffic\NetTraffic.exe [2012-09-02 194048]
"AIMP3"=C:\Program Files (x86)\AIMP3\AIMP3.exe [2013-06-20 1646536]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2012-03-23 7351760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll,TrayApp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files (x86)\QIP 2010\qip.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU]
C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\Hamachi\hamachi-2-ui.exe [2012-12-14 2255360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msi LED Manager]
C:\Program Files (x86)\msi\msi LED Manager\SLM.exe [2010-07-29 2795008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"=C:\MSI\ADVANC~1\wh_exec.exe [2007-09-13 90112]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"Tilt"=C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [2009-06-26 724992]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"MGSysCtrl"=C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2011-02-17 2482176]
"LockIndicator"=C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe [2011-06-24 1699016]
"THX Audio Control Panel"=C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [2010-06-11 1349632]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2011-09-22 5550984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

C:\Users\Resshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Google Chrome.lnk - C:\Users\Resshi\AppData\Local\Google\Chrome\Application\chrome.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe
uTorrent.lnk - C:\Program Files (x86)\uTorrent\uTorrent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll C:\Windows\System32\guard64.dll C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-13 247296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-07-18 11:52:46 ----D---- C:\Program Files\trend micro
2013-07-18 11:52:45 ----D---- C:\rsit
2013-07-13 11:56:44 ----D---- C:\Program Files (x86)\UWT v2.2
2013-07-13 07:43:34 ----D---- C:\Users\Resshi\AppData\Roaming\Appfour
2013-07-10 15:57:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-10 15:57:41 ----A---- C:\Windows\system32\ieui.dll
2013-07-10 15:57:40 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-10 15:57:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-10 15:57:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-10 15:57:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-10 15:57:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-10 15:57:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 15:57:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-10 15:57:40 ----A---- C:\Windows\system32\iesetup.dll
2013-07-10 15:57:40 ----A---- C:\Windows\system32\iernonce.dll
2013-07-10 15:57:40 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-10 15:57:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-10 15:57:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-10 15:57:39 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-10 15:57:39 ----A---- C:\Windows\system32\jscript.dll
2013-07-10 15:57:39 ----A---- C:\Windows\system32\iertutil.dll
2013-07-10 15:57:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-10 15:57:38 ----A---- C:\Windows\system32\jscript9.dll
2013-07-10 15:57:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-10 15:57:37 ----A---- C:\Windows\system32\urlmon.dll
2013-07-10 15:57:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-10 15:57:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-10 15:57:36 ----A---- C:\Windows\system32\wininet.dll
2013-07-10 15:57:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-10 15:57:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-10 15:57:34 ----A---- C:\Windows\system32\ieframe.dll
2013-07-10 15:57:33 ----A---- C:\Windows\system32\mshtml.dll
2013-07-10 15:57:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-10 15:52:02 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-10 15:52:02 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-10 15:51:54 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-10 15:51:54 ----A---- C:\Windows\system32\win32k.sys
2013-07-10 15:51:54 ----A---- C:\Windows\system32\qedit.dll
2013-07-10 15:51:10 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-10 15:51:10 ----A---- C:\Windows\system32\DWrite.dll
2013-07-08 19:05:19 ----D---- C:\ProgramData\ESET
2013-07-08 19:05:19 ----D---- C:\Program Files\ESET
2013-07-08 16:26:03 ----D---- C:\Program Files (x86)\mangastreamdown-4.1
2013-07-04 16:37:43 ----D---- C:\Program Files (x86)\nvidiaInspector
2013-07-04 14:54:46 ----D---- C:\ProgramData\Picroma
2013-07-02 19:10:09 ----D---- C:\Users\Resshi\AppData\Roaming\NVIDIA
2013-07-02 10:52:36 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvvsvc.exe
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvsvcr.dll
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvsvc64.dll
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvshext.dll
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvmctray.dll
2013-07-02 10:52:14 ----A---- C:\Windows\system32\nvcpl.dll
2013-07-02 10:51:51 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-07-02 10:51:51 ----A---- C:\Windows\system32\OpenCL.dll
2013-07-02 10:51:31 ----D---- C:\ProgramData\NVIDIA Corporation
2013-07-02 10:49:57 ----A---- C:\Windows\system32\nvhdap64.dll
2013-07-02 10:49:56 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-07-02 10:49:56 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-07-02 10:49:56 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-07-02 10:49:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-07-02 10:49:56 ----A---- C:\Windows\system32\nvopencl.dll
2013-07-02 10:49:56 ----A---- C:\Windows\system32\nvoglv64.dll
2013-07-02 10:49:56 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2013-07-02 10:49:56 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-07-02 10:49:55 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\NvIFR64.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\NvFBC64.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvdispgenco6432049.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvdispco6432049.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvcuvid.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\nvcuda.dll
2013-07-02 10:49:55 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-07-02 10:49:54 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-07-02 10:49:54 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-07-02 10:49:54 ----A---- C:\Windows\system32\nvcompiler.dll
2013-07-02 10:49:54 ----A---- C:\Windows\system32\nvapi64.dll
2013-06-19 14:46:12 ----A---- C:\Windows\system32\javaws.exe
2013-06-19 14:46:08 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll

======List of files/folders modified in the last 1 month======

2013-07-18 11:52:48 ----D---- C:\Windows\temp
2013-07-18 11:52:46 ----D---- C:\Program Files
2013-07-18 11:35:27 ----D---- C:\Users\Resshi\AppData\Roaming\uTorrent
2013-07-18 11:04:46 ----D---- C:\Program Files (x86)\mIRC
2013-07-18 09:38:34 ----D---- C:\Windows\system32\config
2013-07-18 09:32:38 ----D---- C:\Windows\System32
2013-07-18 09:32:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-18 09:32:37 ----D---- C:\Windows\inf
2013-07-18 09:26:38 ----D---- C:\Program Files (x86)\SpeedFan
2013-07-18 09:26:26 ----D---- C:\Windows
2013-07-17 22:27:48 ----D---- C:\Users\Resshi\AppData\Roaming\AIMP3
2013-07-17 20:58:34 ----D---- C:\Windows\system32\drivers\etc
2013-07-17 20:56:41 ----D---- C:\Users\Resshi\AppData\Roaming\Free Download Manager
2013-07-17 20:51:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-07-17 20:51:50 ----D---- C:\Windows\Panther
2013-07-17 20:51:49 ----D---- C:\Windows\Logs
2013-07-17 15:36:10 ----SHD---- C:\Windows\Installer
2013-07-17 15:00:55 ----D---- C:\Program Files (x86)\MKVtoolnix 3.0.0
2013-07-17 08:59:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-16 19:51:27 ----D---- C:\Program Files\DesktopOK
2013-07-16 07:23:17 ----D---- C:\Windows\system32\catroot2
2013-07-15 18:55:25 ----RSD---- C:\Windows\assembly
2013-07-15 15:49:56 ----D---- C:\Users\Resshi\AppData\Roaming\Mp3tag
2013-07-15 10:02:49 ----D---- C:\Users\Resshi\AppData\Roaming\.minecraft
2013-07-13 11:59:02 ----D---- C:\Program Files (x86)
2013-07-13 08:12:36 ----D---- C:\ProgramData\Package Cache
2013-07-13 07:53:48 ----D---- C:\Windows\system32\Tasks
2013-07-13 07:53:47 ----D---- C:\Windows\Tasks
2013-07-10 21:28:01 ----D---- C:\Windows\Microsoft.NET
2013-07-10 16:02:57 ----D---- C:\Windows\winsxs
2013-07-10 16:02:28 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-10 16:02:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 16:01:59 ----D---- C:\Windows\SysWOW64
2013-07-10 16:01:59 ----D---- C:\Program Files\Windows Defender
2013-07-10 16:01:59 ----D---- C:\Program Files\Internet Explorer
2013-07-10 16:01:59 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-10 16:01:59 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-10 16:01:58 ----D---- C:\Program Files\Windows Journal
2013-07-10 15:57:49 ----D---- C:\Windows\system32\catroot
2013-07-08 19:05:49 ----D---- C:\Windows\system32\DriverStore
2013-07-08 19:05:49 ----D---- C:\Windows\system32\drivers
2013-07-08 19:05:19 ----AD---- C:\ProgramData
2013-07-08 18:58:57 ----D---- C:\Users\Resshi\AppData\Roaming\TS3Client
2013-07-07 21:38:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-07-04 14:44:23 ----D---- C:\Windows\SYSWOW64\directx
2013-07-02 10:52:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-07-02 10:52:42 ----D---- C:\ProgramData\NVIDIA
2013-07-02 10:52:40 ----RD---- C:\Users
2013-07-02 10:52:40 ----D---- C:\Program Files\NVIDIA Corporation
2013-07-02 10:52:21 ----D---- C:\Temp
2013-07-02 10:36:23 ----D---- C:\NVIDIA
2013-06-30 10:44:20 ----D---- C:\Program Files (x86)\DomDomSoft Manga Downloader
2013-06-25 16:01:06 ----D---- C:\Program Files\CCleaner
2013-06-24 05:42:18 ----D---- C:\Users\Resshi\AppData\Roaming\Mal Updater
2013-06-23 22:53:55 ----D---- C:\Program Files (x86)\JDownloader
2013-06-22 10:29:41 ----D---- C:\Program Files\SUPERAntiSpyware
2013-06-20 15:10:21 ----D---- C:\Program Files (x86)\AIMP3
2013-06-19 14:45:58 ----A---- C:\Windows\system32\javaw.exe
2013-06-19 14:45:58 ----A---- C:\Windows\system32\java.exe
2013-06-19 14:45:57 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-06-19 14:45:57 ----A---- C:\Windows\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2011-12-21 25056]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-04-22 133728]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-04-22 277088]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-21 564824]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-04-22 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-04-22 970336]
R0 vidsflt61;Acronis Disk Storage Filter (61); C:\Windows\system32\DRIVERS\vsflt61.sys [2012-04-22 142944]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-15 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-14 213416]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 150616]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 139768]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-04-22 285280]
R3 ALSysIO;ALSysIO; \??\C:\Users\Resshi\AppData\Local\Temp\ALSysIO64.sys []
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2010-01-17 158736]
S1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2010-01-17 48144]
S3 1394hub;1394 Enabled Hub; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-23 1579520]
S3 ATP;Comodo EasyVPN Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys []
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys []
S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys []
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2011-12-21 31968]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [2007-09-25 18128]
S3 dump_wmimmc;dump_wmimmc; \??\d:\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2011-07-29 8456]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [2011-04-12 44032]
S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64; C:\Windows\system32\DRIVERS\fspad_wlh64.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 27016]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 140128]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1202688]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2011-09-22 1113784]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-04-22 3246040]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-03-21 1341664]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Hry\Hi-Rez Studios\HiPatchService.exe [2013-04-23 9216]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-03 1887520]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-04-06 76888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-17 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-10 115608]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-06-06 4005936]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-08 140672]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\Hamachi\hamachi-2.exe [2012-12-14 2466304]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-20 419624]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 18 črc 2013 11:44

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna. A tez se zrovna zeptam na

ESET NOD32, na ten mate zakoupenou licenci?

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Jyxo · #3 Příspěvek od **Jyxo** » 18 črc 2013 11:58

Ano, používám legální Windows a licenci na NOD32 mám zakoupenou.
Druhý log:

info.txt logfile of random's system information tool 1.09 2013-07-18 11:53:02

======Uninstall list======

-->\Uninstall.exe
-->MsiExec /X{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A4824921-63A6-4616-9335-557B860307F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A4824921-63A6-4616-9335-557B860307F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DDCCBB78-8FFB-4FDE-912F-930E4D9FBC67}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F50302D2-9E07-4A43-B9EA-7AC712F34711}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F50302D2-9E07-4A43-B9EA-7AC712F34711}\setup.exe" -l0x9 /remove
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Acronis True Image Home 2011-->MsiExec.exe /X{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -maintain plugin
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader XI (11.0.03) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Advanced Wheel Mouse 6.0.0.001-->C:\MSI\ADVANC~1\uninst.exe
Aegisub 2.1.8-->"C:\Program Files (x86)\Aegisub\unins000.exe"
AIDA64 Extreme Edition v2.00-->"C:\Program Files (x86)\AIDA64 Extreme Edition\unins000.exe"
AIMP3-->C:\Program Files (x86)\AIMP3\Uninstall.exe
Aktualizace NVIDIA 6.4.23-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E42D107E-6B99-45DA-9746-771AC5963E6C}\NVI2.DLL",UninstallPackage Display.Update
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Album Art Downloader XUI 0.45-->C:\Program Files\AlbumArtDownloader\uninst.exe
Any Video Converter 5 5.0.3-->"C:\Program Files (x86)\AnvSoft\Any Video Converter 5\unins000.exe"
Atheros Client Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0005 -removeonly
Awesomenauts-->"D:\Steam\steam.exe" steam://uninstall/204300
Balíček ovladače systému Windows - Ralink (netr28ux) Net (01/20/2010 3.00.11.0000)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\netr28ux.inf_amd64_neutral_e83c8b1944689d8f\netr28ux.inf
Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
Beat Hazard-->"D:\Steam\steam.exe" steam://uninstall/49600
Borderlands 2-->"D:\Hry\Borderlands 2\unins000.exe"
BulletStorm-->MsiExec.exe /I{45410935-B52C-468A-A836-0D1000018201}
BurnAware Professional 6.1-->"C:\Program Files (x86)\BurnAware Professional\unins000.exe"
Call of Duty(R) - World at War(TM) 1.2 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.4 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.5 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) - World at War(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{750C87B8-AF19-4C3C-B791-50D9C83AE572}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDisplay 1.8-->"C:\Program Files (x86)\CDisplay\unins000.exe"
Combined Community Codec Pack 2013-05-30-->"C:\Program Files (x86)\Combined Community Codec Pack\unins000.exe"
COMODO Internet Security-->MsiExec.exe /I{FD8E178D-8B4E-42DA-B434-EFF270329B1C}
CoreAVC Professional Edition (remove only)-->"C:\Program Files (x86)\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe"
Counter-Strike: Global Offensive-->"D:\Steam\steam.exe" steam://uninstall/730
Counter-Strike: Source-->"D:\Steam\steam.exe" steam://uninstall/240
CRC32 Calculator - CheckCRC-->C:\Program Files (x86)\CheckCRC\CheckCRC.exe /uninstall
Cube World version 0.0.1-->"D:\Hry\Cube World\unins000.exe"
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Dark Souls Prepare to Die Edition-->hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65,00,78,00,65,00,20,00,2f,00,58,00,7b,00,34,00,45,00,34,00,44,00,30,00,46,00,41,00,31,00,2d,00,46,00,38,00,38,00,30,00,2d,00,34,00,43,00,43,00,42,00,2d,00,39,00,39,00,39,00,41,00,2d,00,35,00,30,00,31,00,30,00,30,00,30,00,30,00,30,00,38,00,32,00,30,00,30,00,7d,00,00,00
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
EASEUS Partition Master 9.1.0 Home Edition-->"C:\Program Files (x86)\EASEUS\EASEUS Partition Master 9.1.0 Home Edition\unins000.exe"
Easy CD-DA Extractor 2010-->"C:\Program Files\Easy CD-DA Extractor 2010\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 2010\irunin.xml"
EasyFace2-->C:\Program Files (x86)\InstallShield Installation Information\{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}\setup.exe -runfromtemp -l0x0009 -removeonly
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Evernote v. 4.6.2-->MsiExec.exe /X{DCA963D4-6AA2-11E2-80AA-984BE15F174E}
Faerie Solitaire-->"D:\Steam\steam.exe" steam://uninstall/38600
Feedback Tool-->MsiExec.exe /I{13A5E785-5197-4EAD-8EE3-D660271E49BC}
FileHippo.com Update Checker-->"C:\Program Files (x86)\FileHippo.com\uninstall.exe"
Fraps (remove only)-->"C:\Program Files\Fraps\uninstall.exe"
Free Download Manager 3.9.2-->"C:\Program Files (x86)\Free Download Manager\unins000.exe"
GHOST-->MsiExec.exe /I{AC968B0F-024A-4323-BD6B-C2A85D183F34}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"D:\Steam\steam.exe" steam://uninstall/12210
Hi-Rez Studios Authenticate and Update Service-->"D:\Hry\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=all
HTC Driver Installer-->MsiExec.exe /X{4CEEE5D0-F905-4688-B9F9-ECC710507796}
Chivalry: Medieval Warfare-->"D:\Steam\steam.exe" steam://uninstall/219640
Icaros 2.2.0-->"C:\Program Files\Icaros\unins000.exe"
Indeo® Software-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\Ligos\Indeo\Uninst.isu"
inSSIDer-->MsiExec.exe /I{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{90F00673-A276-4A58-B675-B426D39D1E09}
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) Update Manager-->MsiExec.exe /X{89704656-98FA-4EB0-9CC9-9C9839255FA0}
Intel® SSD Toolbox-->C:\Program Files (x86)\Intel\Intel(R) SSD Toolbox\Uninstall\setup.exe -uninstall
IPTInstaller-->MsiExec.exe /I{08208143-777D-4A06-BB54-71BF0AD1BB70}
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java 7 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}
Java 7 Update 25 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417025FF}
Java(TM) 6 Update 26 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416026FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Just Cause 2-->"D:\Steam\steam.exe" steam://uninstall/8190
Killing Floor-->"D:\Steam\steam.exe" steam://uninstall/1250
Legend of Grimrock-->"D:\Steam\steam.exe" steam://uninstall/207170
LockIndicator-->C:\Program Files (x86)\InstallShield Installation Information\{CBDF64A5-44E0-4ECF-B5B3-FE8EF961CF13}\setup.exe -runfromtemp -l0x0009 -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {8B531332-0D5D-4B3B-A22C-8330DEA695A7} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8B531332-0D5D-4B3B-A22C-8330DEA695A7}
LogonStudio-->C:\PROGRA~2\LOGONS~1\UNWISE.EXE C:\PROGRA~2\LOGONS~1\INSTALL.LOG
Mal Updater 2.80-->"C:\Program Files (x86)\Mal Updater 2\unins000.exe"
Malwarebytes Anti-Malware verze 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder x64 0.8.18.5360-->C:\Program Files\MediaCoder\uninst.exe
MediaInfo Lite 0.7.61-->"C:\Program Files (x86)\MediaInfo Lite\unins000.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175-->MsiExec.exe /X{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{887868A2-D6DE-3255-AA92-AA0B5A59B874}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106-->MsiExec.exe /X{3C28BFD4-90C7-3138-87EF-418DC16E9598}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{B143BE44-8723-315E-9413-011C55873C0E}
Microsoft Windows Application Compatibility Database-->C:\Windows\SysWow64\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC
Mobipocket Creator 4.2-->MsiExec.exe /I{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller
Mozilla Firefox 20.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mp3tag v2.52-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE
msi LED Manager-->MsiExec.exe /I{34B61214-F4D3-4449-A918-F52A36FB2F71}
MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MyPhoneExplorer-->C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe
Neverwinter-->D:\Hry\Neverwinter\Uninstall Neverwinter.exe
NVIDIA GeForce Experience 1.5.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E42D107E-6B99-45DA-9746-771AC5963E6C}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač HD audia 1.3.24.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FB418FB9-2B87-468F-B012-DFD08BACC2A7}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 320.49-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FB418FB9-2B87-468F-B012-DFD08BACC2A7}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}
NVIDIA Systémový software PhysX 9.13.0604-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FB418FB9-2B87-468F-B012-DFD08BACC2A7}\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Path of Exile-->MsiExec.exe /X{90A4562F-D4A1-4B65-906D-41F236CF6902}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Plus Pack for Acronis True Image Home 2012-->MsiExec.exe /X{DDFAA49C-2B1D-4808-B43A-4AAFF0475B04}
Rainmeter-->C:\Program Files\Rainmeter\uninst.exe
Rapture3D 2.4.8 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Reader Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0405 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Sanctum-->"D:\Steam\steam.exe" steam://uninstall/91600
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Smite-->"D:\Hry\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=17
Snapseed-->MsiExec.exe /X{8EE7DE8E-85D3-48D8-A47B-64D7F4B5207A}
Source SDK Base 2007-->"D:\Steam\steam.exe" steam://uninstall/218
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
System Control Manager-->C:\Program Files (x86)\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF}
System Requirements Lab for Intel-->MsiExec.exe /I{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}
Team Fortress 2-->"D:\Steam\steam.exe" steam://uninstall/440
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Terraria-->"D:\Steam\steam.exe" steam://uninstall/105600
The Incredible Adventures of Van Helsing (c) NeocoreGames version 1-->"D:\Hry\The Incredible Adventures of Van Helsing\unins000.exe"
The KMPlayer-->C:\Program Files (x86)\The KMPlayer\uninstall.exe
THX TruStudio Pro-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}\setup.exe" -l0x9 /remove
TmUnitedForever Update 2010-03-15-->"D:\Hry\TmUnitedForever\unins000.exe"
Topaz Denoise 3 (64-bit)-->MsiExec.exe /I{B87758B5-E39F-4476-B84B-562470524603}
Topaz Denoise 3-->MsiExec.exe /I{390B7821-3CDE-4579-B940-B0A06B86136A}
Torchlight II-->"D:\Steam\steam.exe" steam://uninstall/200710
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\totalcmd\tcunin64.exe
UltraISO Premium V9.35-->"C:\Program Files (x86)\UltraISO\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {525A4A44-8940-40AD-ABA0-14501199D2F0}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {824C8467-C873-4D17-BDA5-80578FBF3D0A}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Warframe-->"D:\Steam\steam.exe" steam://uninstall/230410
WebM Media Foundation Components-->C:\Program Files (x86)\Common Files\WebM Project\webmmf\uninstall_webmmf.exe
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wise Registry Cleaner 7.62-->"C:\Program Files (x86)\Wise Registry Cleaner\unins000.exe"

======Hosts File======

127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: MSI-LUKAS
Event Code: 26
Message: Procesor 1 ve skupině 0 uvádí následující informace:

stavy nečinnosti: 2
stavy činnosti: 9
stavy omezení: 0
Record Number: 247262
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20130308143016.963206-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI-LUKAS
Event Code: 26
Message: Procesor 2 ve skupině 0 uvádí následující informace:

stavy nečinnosti: 2
stavy činnosti: 9
stavy omezení: 0
Record Number: 247261
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20130308143016.963206-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI-LUKAS
Event Code: 26
Message: Procesor 0 ve skupině 0 uvádí následující informace:

stavy nečinnosti: 2
stavy činnosti: 9
stavy omezení: 0
Record Number: 247260
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20130308143016.963206-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI-LUKAS
Event Code: 7036
Message: Stav služby \Device\NDMP7 byl změněn na: Intel(R) Centrino(R) Wireless-N 130
Record Number: 247259
Source Name: NETwNs64
Time Written: 20130308143016.698005-000
Event Type: Informace
User:

Computer Name: MSI-LUKAS
Event Code: 2
Message: Intel(R) Management Engine Interface driver has started successfully.
Record Number: 247258
Source Name: MEIx64
Time Written: 20130308143016.495205-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: MSI-LUKAS
Event Code: 10001
Message: Ukončování relace 0, zahájení ‎2012‎-‎02‎-‎29T18:55:50.826621400Z.
Record Number: 34038
Source Name: Microsoft-Windows-RestartManager
Time Written: 20120229185551.863680-000
Event Type: Informace
User: MSI-LUKAS\Resshi

Computer Name: MSI-LUKAS
Event Code: 10000
Message: Zahajování relace 0 – ‎2012‎-‎02‎-‎29T18:55:50.826621400Z.
Record Number: 34037
Source Name: Microsoft-Windows-RestartManager
Time Written: 20120229185550.826621-000
Event Type: Informace
User: MSI-LUKAS\Resshi

Computer Name: MSI-LUKAS
Event Code: 1042
Message: Probíhá ukončování transakce Instalační služby systému Windows: C:\Users\Resshi\AppData\Local\Temp\vmware_1330541741\tools-windows.msi. ID procesu klienta: 75780
Record Number: 34036
Source Name: MsiInstaller
Time Written: 20120229185551.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI-LUKAS
Event Code: 1033
Message: Instalační služba systému Windows provedla instalaci produktu. Název produktu: tools-windows. Verze produktu: 8.8.2.591240. Jazyk produktu: 1033. Výrobce: VMware, Inc.. Stav instalace (úspěch nebo chyba): 0.
Record Number: 34035
Source Name: MsiInstaller
Time Written: 20120229185551.000000-000
Event Type: Informace
User: MSI-LUKAS\Resshi

Computer Name: MSI-LUKAS
Event Code: 11707
Message: Product: tools-windows -- Installation completed successfully.
Record Number: 34034
Source Name: MsiInstaller
Time Written: 20120229185551.000000-000
Event Type: Informace
User: MSI-LUKAS\Resshi

=====Security event log=====

Computer Name: MSI-LUKAS
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1770039
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130211043815.470179-000
Event Type: Úspěšný audit
User:

Computer Name: MSI-LUKAS
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI-LUKAS$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x39c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1770038
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130211043815.470179-000
Event Type: Úspěšný audit
User:

Computer Name: MSI-LUKAS
Event Code: 4616
Message: Systémový čas byl změněn.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Informace o procesu:
ID procesu: 0x5a0
Název: C:\Windows\System32\svchost.exe

Předchozí čas: ‎2013‎-‎02‎-‎11T04:38:12.326947200Z
Nový čas: ‎2013‎-‎02‎-‎11T04:38:12.326000000Z

Tato událost je generována, pokud je změněn systémový čas. Je normální, že systémový čas, který používá systémové oprávnění, se mění pravidelně. Jiné změny systémového času mohou označovat pokusy o manipulaci s počítačem.
Record Number: 1770037
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130211043812.326000-000
Event Type: Úspěšný audit
User:

Computer Name: MSI-LUKAS
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1770036
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130211043711.837487-000
Event Type: Úspěšný audit
User:

Computer Name: MSI-LUKAS
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI-LUKAS$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x39c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1770035
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130211043711.837487-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;%systemroot%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 18 črc 2013 12:46

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Jyxo · #5 Příspěvek od **Jyxo** » 18 črc 2013 13:24

Otl.txt - část 1.

OTL logfile created on: 18.7.2013 13:52:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Resshi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 40,91% Memory free
11,95 Gb Paging File | 7,79 Gb Available in Paging File | 65,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 167,68 Gb Total Space | 102,77 Gb Free Space | 61,29% Space Free | Partition Type: NTFS
Drive D: | 698,64 Gb Total Space | 339,06 Gb Free Space | 48,53% Space Free | Partition Type: NTFS

Computer Name: MSI-LUKAS | User Name: Resshi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.07.18 13:51:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Resshi\Desktop\OTL.exe
PRC - [2013.07.12 15:14:48 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013.07.03 23:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.06.20 15:10:17 | 001,646,536 | ---- | M] (AIMP DevTeam) -- C:\Program Files (x86)\AIMP3\AIMP3.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.06 11:22:55 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013.03.15 21:28:12 | 004,683,768 | ---- | M] (Almico Software (http://www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2012.12.07 17:26:56 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.04.22 12:18:05 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP) -- C:\Program Files (x86)\QIP 2012\qip.exe
PRC - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.11.29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.09.22 20:30:42 | 000,394,832 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.09.22 20:29:54 | 005,550,984 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2011.06.24 20:42:10 | 001,699,016 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
PRC - [2011.02.17 12:51:14 | 002,482,176 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
PRC - [2010.04.27 11:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.08.29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe
PRC - [2009.07.09 16:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe
PRC - [2009.06.26 07:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

========== Modules (No Company Name) ==========

MOD - [2013.07.18 09:27:20 | 000,192,512 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013.07.18 09:27:19 | 000,158,720 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Temp\sfareca00001.dll
MOD - [2013.07.15 06:49:47 | 000,410,576 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\ppgooglenaclpluginchrome.dll
MOD - [2013.07.15 06:49:45 | 004,053,456 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\pdf.dll
MOD - [2013.07.15 06:48:54 | 000,709,584 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\libglesv2.dll
MOD - [2013.07.15 06:48:53 | 000,099,792 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\libegl.dll
MOD - [2013.07.15 06:48:51 | 001,604,560 | ---- | M] () -- C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\ffmpegsumo.dll
MOD - [2013.07.10 16:45:48 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5ff75dafe0bda546dc6c71d2cb2d5257\IAStorUtil.ni.dll
MOD - [2013.07.10 16:45:48 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013.07.10 16:04:49 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
MOD - [2013.07.10 16:04:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013.07.10 16:04:20 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013.07.10 16:04:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013.07.10 16:04:03 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013.07.10 16:03:58 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013.07.10 16:03:55 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013.07.10 16:03:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013.07.10 16:03:49 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.06.20 15:10:20 | 001,733,120 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll
MOD - [2013.06.20 15:10:20 | 000,435,200 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll
MOD - [2013.06.20 15:10:20 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Modules\MACDll.dll
MOD - [2013.06.20 15:10:20 | 000,141,768 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll
MOD - [2013.06.20 15:10:20 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp
MOD - [2013.06.20 15:10:19 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll
MOD - [2013.06.20 15:10:18 | 000,480,256 | ---- | M] () -- C:\Program Files (x86)\AIMP3\sqlite3.dll
MOD - [2012.03.23 17:56:04 | 000,957,392 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\Social\Social.dll
MOD - [2012.03.23 17:56:00 | 001,641,936 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\mra.dll
MOD - [2012.03.23 17:56:00 | 000,049,104 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\MRA\pics.dll
MOD - [2012.03.23 17:55:56 | 002,524,112 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Protos\InfICQ\inficq.dll
MOD - [2012.01.12 14:35:18 | 000,103,888 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Core\WebWindow.dll
MOD - [2011.12.08 17:41:42 | 000,290,816 | ---- | M] () -- C:\Program Files (x86)\AIMP3\Plugins\aimp_web_ctl.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.08.29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe
MOD - [2009.07.14 17:17:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.06.26 07:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
MOD - [2009.03.07 19:36:02 | 001,478,656 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\FMtune\FMtune.dll
MOD - [2008.05.16 00:01:18 | 001,083,392 | ---- | M] () -- C:\Program Files (x86)\QIP 2012\Plugins\ExMusic\ExMusic.dll
MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2012.11.08 01:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2012.09.08 15:39:59 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012.08.23 14:39:38 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.18 01:52:16 | 000,659,472 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.17 08:59:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.23 14:48:24 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Hry\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.06 11:22:55 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.14 11:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.12.07 17:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.06.28 15:41:40 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012.04.22 12:18:05 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.01.20 17:08:13 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.09.22 20:32:26 | 001,113,784 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.06.06 18:36:00 | 004,005,936 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.09 16:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.15 17:01:08 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.02.14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.10 10:25:22 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013.01.10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.12.21 13:25:11 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.09.30 20:24:08 | 011,523,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.18 01:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.07.18 01:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.04.22 12:18:06 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.04.22 12:18:04 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
DRV:64bit: - [2012.04.22 12:18:02 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.04.22 12:17:55 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.04.22 10:51:51 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt61.sys -- (vidsflt61)
DRV:64bit: - [2012.04.22 10:51:43 | 000,133,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.21 15:47:52 | 000,031,968 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2011.12.21 15:47:08 | 000,025,056 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2011.12.09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.11.29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.11.15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.07.29 14:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011.07.29 14:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.04.12 14:28:34 | 000,044,032 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_win764.sys -- (fspad_win764)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.30 15:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.11.23 16:12:00 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 02:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.06.23 18:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.04.27 10:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.04.27 10:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.04.06 19:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2010.01.17 13:10:54 | 000,158,736 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2010.01.17 13:10:54 | 000,048,144 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2009.11.18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.11.02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.09.24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.09.14 14:30:26 | 000,058,744 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.08.21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.08.05 12:56:04 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2009.07.28 20:02:10 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.24 11:33:14 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 19:56:28 | 000,140,128 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.29 11:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.19 10:00:26 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 09:59:32 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.17 12:01:04 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 17:20:34 | 001,202,688 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.09.25 16:59:52 | 000,018,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfoX64.sys -- (CrystalSysInfo)
DRV:64bit: - [2007.01.26 10:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV - [2011.07.29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011.06.02 12:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 0winampie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Spellforce\_Download
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 AD E5 94 1A 33 CB 01 [binary data]
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes,DefaultScope = {BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes\{BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "news.google.cz"
FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:1.3.2
FF - prefs.js..extensions.enabledAddons: movableAppButton%40Merci.chao:1.4
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: yetanothersmoothscrolling%40kataho:3.1.3
FF - prefs.js..extensions.enabledAddons: intgcal%40egarracingteam.com.ar:1.2.0
FF - prefs.js..extensions.enabledAddons: facebook%40disconnect.me:2.1.3
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.8
FF - prefs.js..extensions.enabledAddons: %7Bc0c588b6-b11d-4898-af00-079fed05aa32%7D:20.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Resshi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013.07.08 19:05:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.25 17:25:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013.07.08 19:05:20 | 000,000,000 | ---D | M]

[2013.04.25 17:25:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Extensions
[2013.07.07 21:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions
[2013.04.26 15:21:06 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\foxmarks@kei.com
[2013.04.26 15:20:58 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\support@lastpass.com
[2013.04.25 21:01:13 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.04.25 21:10:45 | 000,035,735 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\facebook@disconnect.me.xpi
[2013.04.25 21:10:45 | 000,025,955 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\intgcal@egarracingteam.com.ar.xpi
[2013.04.25 21:03:31 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
[2013.04.27 11:23:08 | 000,265,636 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\jid0-zDuE7MQZjTEpOLHPvhw3GbDyhIg@jetpack.xpi
[2013.04.25 21:14:37 | 000,423,679 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
[2013.04.25 17:32:34 | 000,003,323 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\movableAppButton@Merci.chao.xpi
[2013.04.25 21:06:02 | 000,066,869 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\yetanothersmoothscrolling@kataho.xpi
[2013.04.25 17:31:45 | 000,282,569 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2013.04.25 17:28:10 | 003,242,364 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi
[2013.04.25 20:59:05 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.27 11:18:42 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Resshi\AppData\Roaming\Mozilla\Firefox\Profiles\dyw48lde.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.04.25 17:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.05.29 20:34:14 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAMDATA\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSIONS\1.5.8
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.10 12:37:04 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.04.10 12:37:04 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.04.10 12:37:04 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.04.10 12:37:04 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.04.10 12:37:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: https://news.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.8.800.94\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Resshi\AppData\Local\Google\Chrome\Application\29.0.1547.22\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.25_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.25_0\.bak
CHR - Extension: Disk Google = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Bookmark Sentry = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.13_0\
CHR - Extension: Turn Off the Lights = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.11_0\
CHR - Extension: Chrome YouTube Downloader = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\
CHR - Extension: FlashBlock = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: Adblock Plus = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\
CHR - Extension: ImageZoomer = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnaagndnllbblbgeimdkknegobbpohk\2.2.0_0\
CHR - Extension: SDownload = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkflmdcolphnomonabinogaegbjbnbbm\1.0_0\
CHR - Extension: Facebook Disconnect = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0\
CHR - Extension: Feedly Cloud Access Beta = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncjeobdojomnbdpbdkpnfdnmijagno\0.1.1_0\
CHR - Extension: Silver Bird = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic\1.9.10.2_0\
CHR - Extension: TMZNS \u2013 timezones for humans = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkienloijjhkoegoacpnfknffgnlkde\0.3_0\
CHR - Extension: Stylish = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.1_0\
CHR - Extension: YouTube Feed = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmclllfjjmmdmhjobjdgfnggfhljboa\1.3.4.1_0\
CHR - Extension: YouTube Feed = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmclllfjjmmdmhjobjdgfnggfhljboa\1.3.4.1_0\~
CHR - Extension: AdBlock = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Hola Unblocker = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.1.338_0\
CHR - Extension: Google Calendar (by Google) = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.3.1_0\
CHR - Extension: TweetDeck = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.1.3_0\
CHR - Extension: LastPass = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.24_0\
CHR - Extension: WidgetBlock = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiihiookhijpbhaflohognbhmamdnol\0.1.14_0\
CHR - Extension: AdBlock+ = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\
CHR - Extension: Recycle Bin = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfbchidonfnclempkcojlpijhmoalhi\1.1_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_0\
CHR - Extension: Chromium Wheel Smooth Scroller = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb\1.3.3_0\
CHR - Extension: Soundcloud Super +2: Downloader + Recommender = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcdnnmkbjclfipjkpmoohpbaacknnke\1.0_1\
CHR - Extension: Stop Autoplay for YouTube. = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh\0.11.5.24_0\
CHR - Extension: FVD Speed Dial - 3D Wall, Sync, New Tab Page = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.3.7_0\
CHR - Extension: goo.gl URL Shortener = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llcaedgoibaahmcbhhhnjkmiadbolamh\0.4.4_0\
CHR - Extension: Clickable Links = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp\1.1.6_0\
CHR - Extension: Black Black Chrome Theme Blue Highlight = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpkblfdnephakmjpldlhjpcblifmojn\3.4_0\
CHR - Extension: Roz\u0161\u00ED\u0159en\u00ED Odb\u011Bry RSS (od Googlu) = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0\
CHR - Extension: Google Wallet Service = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.1_0\
CHR - Extension: Google Wallet Service = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.1_1\
CHR - Extension: Prohl\u00ED\u017Ee\u010D dokument\u016F ve form\u00E1tu PDF/PowerPoint (od spole\u010Dnosti Google) = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Better History = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb\1.10.1_0\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\13.6_0\
CHR - Extension: Stylebot = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha\2.1_0\
CHR - Extension: YouTube Options (Full Version) = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmgeoecaejeajjegjmijbcifhkbmgjd\1.8.123_0\
CHR - Extension: Chrome Update Notifier Plus = C:\Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfbafagepmnjfhgoaakiobjffddcnbd\0.5_0\

O1 HOSTS File: ([2013.07.17 20:58:34 | 000,449,574 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 http://www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 http://www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 http://www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 http://www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 http://www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 http://www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 http://www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100888290cs.com
O1 - Hosts: 127.0.0.1 http://www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 http://www.10sek.com
O1 - Hosts: 127.0.0.1 http://www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15459 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LockIndicator] C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe ()
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WheelMouse] C:\MSI\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [AIMP3] C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [F.lux] C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [Infium] C:\Program Files (x86)\QIP 2012\qip.exe (QIP)
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [NetTraffic] C:\Program Files (x86)\NetTraffic\NetTraffic.exe (VENEA.NET)
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1014..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1014..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Resshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Users\Resshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (http://www.almico.com))
O4 - Startup: C:\Users\Resshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uTorrent.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Google Search
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://www.google.com/search?q=%w
O7 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1014\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\\EvernoteIERes\NewNote.html ()
O8:64bit: - Extra context menu item: Přidat do Evernote 4 - C:\Program Files (x86)\Evernote\\EvernoteIERes\Clip.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Přidat do Evernote 4 - C:\Program Files (x86)\Evernote\\EvernoteIERes\Clip.html ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - %SystemRoot%\system32\nutafun4.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - %SystemRoot%\system32\nutafun4.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.systemrequirementslab.co ... 4.24.0.cab (Reg Error: Key error.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B6197BD-B30B-494B-8E25-648FFC2BC319}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C083954-38A8-4A5A-81BF-DA8521FDA3E4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C083954-38A8-4A5A-81BF-DA8521FDA3E4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C007250F-5230-4F3D-984D-0552B9A8B680}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.07.18 13:51:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Resshi\Desktop\OTL.exe
[2013.07.18 11:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.18 11:52:45 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.17 15:36:15 | 000,000,000 | ---D | C] -- C:\Users\Resshi\Documents\Square Enix
[2013.07.13 11:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UWT v2.2
[2013.07.13 07:43:34 | 000,000,000 | ---D | C] -- C:\Users\Resshi\Documents\Scatter
[2013.07.13 07:43:34 | 000,000,000 | ---D | C] -- C:\Users\Resshi\AppData\Roaming\Appfour
[2013.07.13 07:43:33 | 000,000,000 | ---D | C] -- C:\Users\Resshi\AppData\Local\Appfour
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.07.18 13:56:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.18 13:51:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Resshi\Desktop\OTL.exe
[2013.07.18 13:19:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job
[2013.07.18 13:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.18 12:58:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job
[2013.07.18 09:32:38 | 002,167,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.18 09:32:38 | 000,681,874 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.18 09:32:38 | 000,666,908 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.18 09:32:38 | 000,417,186 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013.07.18 09:32:38 | 000,148,342 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.18 09:32:38 | 000,127,646 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013.07.18 09:32:38 | 000,127,646 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.18 09:32:31 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 09:32:31 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 09:26:40 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
[2013.07.18 09:26:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.17 20:58:34 | 000,449,574 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.17 20:18:39 | 000,000,757 | ---- | M] () -- C:\Users\Resshi\Desktop\Fringe.lnk
[2013.07.17 15:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job
[2013.07.17 08:59:35 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.17 08:59:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.13 11:58:59 | 000,001,540 | ---- | M] () -- C:\Users\Resshi\Desktop\Ultimate Windows Tweaker.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.18 13:56:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.13 07:53:47 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job
[2013.07.13 07:53:47 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
[2013.07.12 15:14:55 | 000,000,966 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job
[2013.05.11 13:12:13 | 000,058,260 | ---- | C] () -- C:\Users\Resshi\energy-report.html
[2013.04.06 11:05:41 | 000,282,296 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.06 11:05:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.06 11:05:39 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2013.04.04 19:06:20 | 000,001,266 | ---- | C] () -- C:\Users\Resshi\AppData\Local\recently-used.xbel
[2013.03.01 16:19:34 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013.01.25 19:31:27 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\options.ini
[2013.01.19 12:20:04 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2013.01.19 12:20:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2013.01.19 12:20:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2013.01.10 16:32:47 | 000,000,084 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2013.01.10 16:13:12 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2012.12.12 18:49:45 | 000,001,480 | ---- | C] () -- C:\Users\Resshi\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2012.12.11 16:26:07 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.11.19 22:00:00 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.06 20:31:48 | 000,001,065 | ---- | C] () -- C:\Windows\winamp.ini
[2012.04.14 16:31:43 | 000,000,600 | ---- | C] () -- C:\Users\Resshi\AppData\Roaming\winscp.rnd
[2012.03.03 12:56:44 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.02.04 22:50:24 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI
[2011.11.02 16:38:46 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011.11.02 16:38:46 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011.11.02 16:38:46 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011.11.02 16:38:46 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011.11.02 16:38:46 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011.11.01 18:10:47 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011.11.01 18:10:47 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011.11.01 18:10:47 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011.11.01 18:10:45 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.11.01 18:10:45 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.08.10 17:40:28 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\BReWErS.dll
[2011.06.16 15:57:20 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2010.11.17 11:35:04 | 000,007,642 | ---- | C] () -- C:\Users\Resshi\AppData\Local\Resmon.ResmonCfg
[2010.09.28 11:39:11 | 000,000,094 | ---- | C] () -- C:\Users\Resshi\AppData\Local\fusioncache.dat
[2010.09.11 11:58:00 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010.09.04 11:11:44 | 000,000,132 | ---- | C] () -- C:\Users\Resshi\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2010.08.08 15:10:47 | 000,000,854 | ---- | C] () -- C:\Users\Resshi\AppData\Roaming\burnaware.ini
[2010.08.02 19:10:44 | 000,029,340 | ---- | C] () -- C:\Users\Resshi\AppData\Roaming\UserTile.png
[2010.08.02 19:10:44 | 000,001,042 | ---- | C] () -- C:\Users\Resshi\AppData\Roaming\coreavc.ini

========== ZeroAccess Check ==========

Jyxo · #6 Příspěvek od **Jyxo** » 18 črc 2013 13:25

Otl.txt - část 2.

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.07.15 10:02:49 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\.minecraft
[2013.04.02 21:21:07 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\.technic
[2012.04.21 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Acronis
[2011.02.21 21:46:36 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Aegisub
[2013.07.18 12:43:48 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\AIMP3
[2011.01.25 20:24:27 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Amazon
[2010.08.02 22:13:49 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\AnvSoft
[2013.07.13 07:43:34 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Appfour
[2013.04.12 17:48:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Awesomium
[2011.12.26 20:39:26 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Beat Hazard
[2012.05.09 18:59:21 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Brawsome
[2013.03.01 17:09:03 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Broad Intelligence
[2013.06.09 09:58:25 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\DAEMON Tools Lite
[2013.04.04 19:02:04 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\DeepBurner
[2012.11.24 16:15:48 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Faerie Solitaire
[2013.07.17 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Free Download Manager
[2013.04.03 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\ftblauncher
[2011.11.23 21:55:45 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\GHISLER
[2011.07.17 11:21:39 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\GRaiN
[2012.10.09 15:27:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\HTC
[2010.12.24 11:19:09 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\HTC Home
[2010.08.03 16:11:59 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\IrfanView
[2013.06.24 05:42:18 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Mal Updater
[2010.08.02 21:56:29 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\mkvtoolnix
[2013.07.15 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Mp3tag
[2012.06.26 18:06:42 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\MyPhoneExplorer
[2013.03.07 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Origin
[2012.06.09 12:32:07 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Outlook
[2013.02.06 22:06:05 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\pim
[2013.01.19 12:23:47 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PowerUp Software
[2013.02.06 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PTC
[2011.03.16 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PunkBuster
[2011.12.23 09:36:52 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\QIP
[2012.11.05 15:51:24 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Rainmeter
[2012.05.14 15:04:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\runic games
[2012.11.21 21:54:10 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Theta
[2013.07.08 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\TS3Client
[2013.07.18 11:35:27 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\uTorrent
[2010.08.04 16:27:16 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\VitySoft
[2011.12.01 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Wise Registry Cleaner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,550 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.10 21:44:48 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job
[2012.03.29 18:44:10 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.12 15:14:55 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job
[2013.07.13 07:53:47 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
[2013.07.13 07:53:47 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 06:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 05:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 02:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 06:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 06:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 05:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 06:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.20 06:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\ERDNT\cache64\tcpip.sys
[2010.11.20 06:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 05:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 06:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 06:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.07.15 10:02:49 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\.minecraft
[2013.04.02 21:21:07 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\.technic
[2012.04.21 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Acronis
[2010.12.28 22:37:11 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Adobe
[2010.08.04 17:29:54 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Adobe Mini Bridge CS5
[2011.02.21 21:46:36 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Aegisub
[2013.07.18 12:43:48 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\AIMP3
[2011.01.25 20:24:27 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Amazon
[2010.08.02 22:13:49 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\AnvSoft
[2013.07.13 07:43:34 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Appfour
[2012.10.09 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Apple Computer
[2013.04.12 17:48:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Awesomium
[2011.12.26 20:39:26 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Beat Hazard
[2012.05.09 18:59:21 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Brawsome
[2013.03.01 17:09:03 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Broad Intelligence
[2011.06.22 18:40:54 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\COMODO
[2013.06.09 09:58:25 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\DAEMON Tools Lite
[2013.04.04 19:02:04 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\DeepBurner
[2012.11.24 16:15:48 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Faerie Solitaire
[2013.07.17 20:56:41 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Free Download Manager
[2013.04.03 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\ftblauncher
[2011.11.23 21:55:45 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\GHISLER
[2011.07.17 11:21:39 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\GRaiN
[2012.10.09 15:27:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\HTC
[2010.12.24 11:19:09 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\HTC Home
[2010.08.01 22:10:13 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Identities
[2011.07.01 15:44:18 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\InstallShield
[2010.08.02 17:43:48 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Intel
[2011.04.30 10:02:33 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Intel Corporation
[2010.08.03 16:11:59 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\IrfanView
[2010.08.02 00:16:05 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Macromedia
[2013.06.24 05:42:18 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Mal Updater
[2010.08.03 16:29:14 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Malwarebytes
[2013.05.14 19:23:33 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Media Player Classic
[2013.02.05 22:18:00 | 000,000,000 | --SD | M] -- C:\Users\Resshi\AppData\Roaming\Microsoft
[2010.08.02 16:55:47 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\mIRC
[2010.08.02 21:56:29 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\mkvtoolnix
[2013.04.25 17:25:52 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Mozilla
[2013.07.15 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Mp3tag
[2012.06.26 18:06:42 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\MyPhoneExplorer
[2013.07.03 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\NVIDIA
[2013.03.07 23:30:41 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Origin
[2012.06.09 12:32:07 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Outlook
[2013.02.06 22:06:05 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\pim
[2013.01.19 12:23:47 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PowerUp Software
[2013.02.06 21:22:11 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PTC
[2011.03.16 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\PunkBuster
[2011.12.23 09:36:52 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\QIP
[2012.11.05 15:51:24 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Rainmeter
[2012.05.14 15:04:44 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\runic games
[2010.11.08 20:23:57 | 000,000,000 | RH-D | M] -- C:\Users\Resshi\AppData\Roaming\SecuROM
[2013.03.29 19:29:00 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Skype
[2011.10.15 12:52:46 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\SUPERAntiSpyware.com
[2012.11.21 21:54:10 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Theta
[2012.07.09 13:05:15 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Torque
[2013.07.08 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\TS3Client
[2013.07.18 11:35:27 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\uTorrent
[2010.08.04 16:27:16 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\VitySoft
[2012.07.13 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\VMware
[2010.08.01 22:40:42 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\WinRAR
[2011.12.01 14:37:08 | 000,000,000 | ---D | M] -- C:\Users\Resshi\AppData\Roaming\Wise Registry Cleaner

< %APPDATA%\*.exe /s >
[2013.07.02 19:10:52 | 000,484,992 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\Minecraft.exe
[2012.08.12 10:37:22 | 000,052,736 | ---- | M] (Technic) -- C:\Users\Resshi\AppData\Roaming\.minecraft\TechnicLauncher.exe
[2012.06.30 17:18:40 | 001,581,077 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\_____sracky\mcpatcher-2.3.7_02.exe
[2011.03.13 21:47:02 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Resshi\AppData\Roaming\.minecraft\_____sracky\Minecraft.exe
[2011.05.28 17:34:46 | 000,253,952 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\___INVedit\INVedit.exe
[2010.08.19 19:32:11 | 000,031,232 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\___MineEdit-RELEASE-11212010\LaunchServer.exe
[2010.11.21 16:50:18 | 000,712,704 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\___MineEdit-RELEASE-11212010\MineEdit.exe
[2010.05.16 13:27:02 | 000,118,784 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.minecraft\___NBTedit\NBTedit.exe
[2013.04.02 21:21:03 | 002,447,264 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.technic\TechnicLauncher.exe
[2013.04.02 21:21:02 | 002,447,264 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\.technic\temp.exe
[2013.06.20 15:10:07 | 007,547,200 | ---- | M] (AIMP DevTeam) -- C:\Users\Resshi\AppData\Roaming\AIMP3\UpdateInstaller.exe
[2013.01.24 21:53:13 | 007,680,037 | ---- | M] (FreeDownloadManager.ORG ) -- C:\Users\Resshi\AppData\Roaming\Free Download Manager\Update\fdminst.exe
[2013.04.02 21:20:59 | 000,537,171 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\ftblauncher\FTB_Launcher.exe
[2010.12.24 11:18:10 | 000,260,096 | ---- | M] (Stealth Software) -- C:\Users\Resshi\AppData\Roaming\HTC Home\HTCHome (x64).exe
[2010.12.24 11:18:10 | 000,261,120 | ---- | M] (Stealth Software) -- C:\Users\Resshi\AppData\Roaming\HTC Home\HTCHome.exe
[2010.12.24 11:18:10 | 000,165,888 | ---- | M] (Stealth Software) -- C:\Users\Resshi\AppData\Roaming\HTC Home\Updater.exe
[2010.12.24 11:17:00 | 000,277,504 | ---- | M] (Stealth Software) -- C:\Users\Resshi\AppData\Roaming\HTC Home\Uninstall\Uninstall.exe
[2012.06.09 12:13:12 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Resshi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.08.04 15:33:41 | 000,003,584 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
[2010.08.02 20:49:33 | 000,029,926 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe
[2010.08.02 20:49:33 | 000,029,422 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe
[2011.01.25 20:42:45 | 000,010,134 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}\_42B7FFA7C5763E138691B2.exe
[2011.01.25 20:42:45 | 000,010,134 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}\_84000D6CB79D945CDB36F8.exe
[2012.02.28 18:39:42 | 000,045,126 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}\_09F5D57F7B58C611EFD5E0.exe
[2012.02.28 18:39:42 | 000,045,126 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}\_2DB1E5D0BA3BD4FC3624CE.exe
[2012.02.28 18:39:42 | 000,045,126 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\Microsoft\Installer\{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}\_853F67D554F05449430E7E.exe
[2011.02.24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Resshi\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2012.08.11 22:39:06 | 000,009,216 | -H-- | M] () -- C:\Users\Resshi\AppData\Roaming\Rainmeter\Rainmeter.exe
[2010.06.13 12:54:58 | 001,520,145 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\Rainmeter\Addons\RainBrowser\RainBrowser.exe
[2010.06.13 12:54:54 | 000,419,835 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\Rainmeter\Addons\RainThemes\RainThemes.exe
[2010.01.20 00:35:26 | 000,697,965 | ---- | M] () -- C:\Users\Resshi\AppData\Roaming\uTorrent\unins000.exe
[2009.11.25 22:34:10 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Resshi\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.07.18 14:08:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.18 09:26:40 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
[2013.07.18 13:58:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job
[2013.07.17 15:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job
[2013.07.18 13:19:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.17 08:59:35 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.07.17 08:59:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "C:\Program Files (x86)\RocketDock\RocketDock.exe" -- [2007.09.02 14:58:52 | 000,495,616 | ---- | M] ()
"Google Update" = "C:\Users\Resshi\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.08.10 21:44:41 | 000,136,176 | ---- | M] (Google Inc.)
"F.lux" = "C:\Users\Resshi\Local Settings\Apps\F.lux\flux.exe" /noshow -- [2009.08.29 08:00:12 | 000,966,656 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 10:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
"NetTraffic" = C:\Program Files (x86)\NetTraffic\NetTraffic.exe -- [2012.09.02 20:18:42 | 000,194,048 | ---- | M] (VENEA.NET)
"AIMP3" = C:\Program Files (x86)\AIMP3\AIMP3.exe -- [2013.06.20 15:10:17 | 001,646,536 | ---- | M] (AIMP DevTeam)
"Infium" = "C:\Program Files (x86)\QIP 2012\qip.exe" /isolated /autorun -- [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.18 13:56:01 | 000,000,512 | ---- | M] () MD5=EF0BADE55A6B36C62266FD9D154F52AC -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.04.14 11:04:09 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2013.04.02 21:22:17 | 000,001,062 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2013.04.02 21:22:18 | 000,008,681 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2012.11.02 16:59:29 | 000,005,369 | ---- | M] () -- \Users\Resshi\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *loader* /s >
[2012.02.18 12:18:34 | 000,020,992 | R--- | M] () -- \$WINDOWS.~BT\Sources\en-us\upgloader.dll.mui
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\320.18\GFExperience\ExtensionLoader.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\320.49\GFExperience\ExtensionLoader.dll
[2011.06.09 23:52:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.12.07 00:38:40 | 000,268,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.07 00:38:40 | 000,019,000 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.09.04 16:54:22 | 000,000,267 | ---- | M] () -- \Program Files (x86)\DomDomSoft Manga Downloader\DomDomSoft Manga Downloader.config
[2013.06.30 10:44:20 | 001,193,984 | ---- | M] () -- \Program Files (x86)\DomDomSoft Manga Downloader\DomDomSoft Manga Downloader.exe
[2012.12.27 12:01:46 | 000,000,646 | ---- | M] () -- \Program Files (x86)\Evernote\EvernoteIERes\scripts\ContextMenuLoader.js
[2012.12.13 15:00:54 | 000,000,309 | ---- | M] () -- \Program Files (x86)\Evernote\EvernoteIERes\scripts\JQueryLoader.js
[2012.12.27 12:01:46 | 000,001,884 | ---- | M] () -- \Program Files (x86)\Evernote\EvernoteIERes\scripts\Loader.js
[2012.12.13 15:00:54 | 000,000,667 | ---- | M] () -- \Program Files (x86)\Evernote\EvernoteIERes\scripts\TagsCachedLoader.js
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2011.03.07 13:12:46 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2011.03.07 13:12:46 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2010.12.15 14:59:32 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2010.12.15 14:59:32 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2013.04.14 11:00:52 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.04.14 11:03:10 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.04.14 11:03:03 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.23 22:54:47 | 000,003,880 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderJp.class
[2013.04.14 11:02:05 | 000,007,073 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.03.07 13:14:45 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2013.07.03 23:36:01 | 001,152,288 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 10:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 10:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 10:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 10:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer – stable v3.2.0.18\ImLoader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.11.11 21:33:36 | 000,023,558 | ---- | M] () -- \Program Files\AlbumArtDownloader\AlbumArtDownloader.ico
[2012.09.22 20:03:02 | 000,006,656 | ---- | M] () -- \Program Files\AlbumArtDownloader\AlbumArtDownloader.Scripts.dll
[2012.12.07 00:38:40 | 000,364,088 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.07 00:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.12.06 18:13:52 | 000,001,070 | ---- | M] () -- \Program Files\MediaCoder\extensions\_include\loader.html
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{4FF85BFF-E245-4AF9-A3B2-C3B4939F6402}\ExtensionLoader.dll
[2013.07.03 23:36:01 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{C0338638-2A49-451C-BF0A-16CAA77B417A}\ExtensionLoader.dll
[2010.05.19 05:53:54 | 000,001,461 | ---- | M] () -- \Program Files\Rainmeter\Defaults\Skins\Gnometer\Launcher\Icons\jdownloader.png
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.02.20 17:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 17:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 17:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.14 10:56:27 | 042,457,071 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\JDownloader.zip
[2013.02.20 17:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 17:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 17:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.04.14 10:56:27 | 042,457,071 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\JDownloader.zip
[2012.04.05 05:59:04 | 000,002,361 | ---- | M] () -- \Users\Resshi\AppData\Local\Amazon\Kindle Previewer\lib\touchLibs\etc\gtk-2.0\gdk-pixbuf.loaders
[2013.07.10 20:18:03 | 000,002,867 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\css\Chrome-YouTube-Downloader.css
[2013.07.10 20:18:03 | 000,009,123 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.16_0\script\Chrome-YouTube-Downloader.js
[2013.07.10 15:47:52 | 000,003,208 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\skin\ajax-loader.gif
[2013.07.01 18:17:01 | 000,000,401 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.3.7_0\js\newtab\contextmenu\imgs\dhxmenu_dhx_black\dhtmlxmenu_loader.gif
[2013.07.01 18:17:01 | 000,000,401 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.3.7_0\js\newtab\contextmenu\imgs\dhxmenu_dhx_blue\dhtmlxmenu_loader.gif
[2013.07.01 18:17:01 | 000,000,401 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.3.7_0\js\newtab\contextmenu\imgs\dhxmenu_dhx_skyblue\dhtmlxmenu_loader.gif
[2013.07.01 18:17:01 | 000,001,683 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa\3.3.7_0\js\newtab\contextmenu\imgs\dhxmenu_dhx_web\dhxmenu_loader.gif
[2013.07.13 20:22:41 | 000,001,737 | ---- | M] () -- \Users\Resshi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\13.6_0\img\ajax-loader.gif
[2012.05.02 19:41:00 | 000,385,792 | ---- | M] () -- \Users\Resshi\AppData\Local\Runic Games\downloader.bundle
[2012.03.16 18:32:00 | 000,687,520 | ---- | M] () -- \Users\Resshi\AppData\Local\Runic Games\downloader.dll
[2012.12.20 21:54:00 | 000,385,792 | ---- | M] () -- \Users\Resshi\AppData\Local\Solid State Networks\Hawken\Host.7a26d15bdad34b3ab95b1b262c8507b08599e27d\downloader.bundle
[2012.03.16 18:32:00 | 000,687,520 | ---- | M] () -- \Users\Resshi\AppData\Local\Solid State Networks\Hawken\Host.7a26d15bdad34b3ab95b1b262c8507b08599e27d\downloader.dll
[2011.06.30 15:41:10 | 000,000,871 | ---- | M] () -- \Users\Resshi\AppData\Roaming\.minecraft\ModLoader.txt
[2011.06.21 20:38:48 | 000,075,264 | ---- | M] () -- \Users\Resshi\AppData\Roaming\.minecraft\_____sracky\ModLoader.zip
[2011.06.30 15:41:08 | 000,000,107 | ---- | M] () -- \Users\Resshi\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2013.04.02 21:25:46 | 000,036,764 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\Ultimate\instMods\liteloader.zip
[2013.04.02 21:27:46 | 000,571,249 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\Ultimate\minecraft\ForgeModLoader-client-0.log
[2013.04.02 21:26:21 | 000,000,000 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\Ultimate\minecraft\ForgeModLoader-client-0.log.lck
[2013.04.02 21:26:51 | 000,000,173 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\Ultimate\minecraft\liteloader.properties
[2013.04.02 21:27:45 | 000,018,070 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\Ultimate\minecraft\LiteLoader.txt
[2013.04.03 15:26:42 | 000,036,764 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\instMods\liteloader.zip
[2013.04.03 16:13:36 | 000,442,161 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\minecraft\ForgeModLoader-client-0.log
[2013.04.03 15:26:47 | 000,000,000 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\minecraft\ForgeModLoader-client-0.log.lck
[2013.04.02 21:43:45 | 000,451,702 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\minecraft\ForgeModLoader-client-1.log
[2013.04.03 15:27:11 | 000,000,173 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\minecraft\liteloader.properties
[2013.04.03 16:13:36 | 000,018,070 | ---- | M] () -- \Users\Resshi\AppData\Roaming\ftblauncher\YogCraft\minecraft\LiteLoader.txt
[2012.03.15 20:30:40 | 000,001,820 | ---- | M] () -- \Users\Resshi\Desktop\DomDomSoft Manga Downloader.lnk
[2010.05.19 05:53:54 | 000,001,461 | ---- | M] () -- \Users\Resshi\Documents\Rainmeter\Skins\Gnometer\Launcher\Icons\jdownloader.png
[2012.12.18 11:44:10 | 000,446,464 | ---- | M] () -- \Windows\NEXON_EU_DownloaderUpdater.exe
[3 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2010.08.02 21:45:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a.manifest
[2010.08.02 21:45:29 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winload.efi.mui_35ee487d
[2010.08.02 21:45:29 | 000,029,264 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winload.exe.mui_3bc5b827
[2010.08.02 21:45:29 | 000,026,688 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winresume.efi.mui_f412814e
[2010.08.02 21:45:29 | 000,026,688 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a_winresume.exe.mui_ff8b5358
[2011.04.13 15:05:13 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.13 15:05:13 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.13 15:05:13 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.13 15:05:13 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.13 15:05:13 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.13 19:30:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_015df3e3bafadc7a.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 5632 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:DE406C3E
@Alternate Data Stream - 1536 bytes -> C:\Users\Resshi\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Resshi\Desktop\desktop.ini:gs5sys
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:DocumentSummaryInformation

< End of report >

Jyxo · #7 Příspěvek od **Jyxo** » 18 črc 2013 13:26

Extras.txt

OTL Extras logfile created on: 18.7.2013 13:52:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Resshi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 40,91% Memory free
11,95 Gb Paging File | 7,79 Gb Available in Paging File | 65,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 167,68 Gb Total Space | 102,77 Gb Free Space | 61,29% Space Free | Partition Type: NTFS
Drive D: | 698,64 Gb Total Space | 339,06 Gb Free Space | 48,53% Space Free | Partition Type: NTFS

Computer Name: MSI-LUKAS | User Name: Resshi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016D1B02-BF76-499A-B6BC-83F58CAEC4AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0480B771-9007-498A-B93D-739683F05927}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E586859-E005-49B7-A483-EDABE4D3173C}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{1240C1C5-D465-43B9-BF88-BFDDEF488882}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{12EFA2E1-DCEB-4C55-ADBF-B49D2F713D32}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DACC7BD-9B30-4543-AB0A-C3367D09D230}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{24082F52-0A9C-438F-9221-5AD5D1EC5447}" = rport=138 | protocol=17 | dir=out | app=system |
"{26A88942-B9D9-4267-998C-F0506EA5BA2E}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{2AA82B7F-1C3F-49BA-8ED8-8676669AD38A}" = lport=137 | protocol=17 | dir=in | app=system |
"{31C94CDC-AAC4-4815-A847-0B363FBAA5DC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3392C845-C560-4E76-B9F7-29A4F48C9D63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{36F12EDA-F7AF-4F87-B924-A3AA73E085DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3EDB9102-08EA-44A5-8108-7DB9F7514500}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46013708-A1E6-4CE0-8BC4-C396F05BF50F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{52001B19-636F-42B0-8CBD-49F75B2E627C}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{54F3B986-EE9B-48D3-B140-287E01C28046}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{62FD5943-C240-4268-B60D-427AF81FB67E}" = rport=137 | protocol=17 | dir=out | app=system |
"{639C8A28-857F-47F9-8E98-4432D941E8E7}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{6A3A5F72-AE86-40BB-9F9E-54C8CF4D0904}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7455CBFB-1390-4EAE-8DE9-4B932DE9B45B}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{92D96520-4679-48FD-9C38-8B5A59B58B03}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{93D05D60-B81C-40BA-BB54-1C923D49084A}" = lport=138 | protocol=17 | dir=in | app=system |
"{9A54C873-18AC-4867-8607-CAC7D4CDAAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D67BA26-3315-4FB2-81F1-25E8A09CD91B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3D35D97-0B01-4B99-8C0B-821C9F00F6FC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A786FA42-FFCF-4645-B710-4E8E9B26B12F}" = lport=445 | protocol=6 | dir=in | app=system |
"{B02A6651-914F-41D9-A6EC-08F4C068043E}" = rport=445 | protocol=6 | dir=out | app=system |
"{BE8E053F-24F4-419C-985A-2E08C745AAFA}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2A335AD-099B-4626-AEFD-0029523B42AA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C516F608-0D57-4B1F-94F7-AE8183003CC7}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{C8E2D6AC-03B2-4CF9-9632-05D29171CE4D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC1C41D9-C43D-435F-82AA-640E5DEBDC02}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{CC6268E0-7696-404A-863D-01D798446EDE}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{CF429F12-5F52-45C1-9043-0C12505EB6C2}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D566E28E-5263-4558-A5A6-1B12AA83C469}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{D5C03087-0D30-4D5E-9163-67590D7AB759}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF0F0760-3565-496D-A32D-68A6455DEE40}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E72C2C94-93EC-4159-A44F-25E6C89201F6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E8271C16-EFFE-4456-AC6F-752075707F6A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E88304EC-1C38-4B6F-9764-1CAEF42F65D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F286D3EE-B8B8-450D-978E-9D6A4681B6D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{F3CDC99A-5464-4F01-9E69-89AC37176C3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE5F8CF1-6EA4-4D9F-B313-15C7E7DE8641}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00546508-108B-4172-8773-D6B3476B63ED}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{01CB0169-EBD5-47B8-A814-F817ED5B7D1D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hoard\win32\reuben.exe |
"{0470C7EB-1633-4750-BC22-CA7377A89A25}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{04D078C2-EBBA-4E6C-9BAD-9634CC9BC571}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0565597B-4DC9-4F16-B8EA-25191C97BDD9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{060DC1AC-DB91-4C57-9B40-E4F71AB5C20E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\warframe\tools\launcher.exe |
"{068E9263-B9CA-4E9F-890D-813DEA46CD86}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe |
"{076FEBC3-EDF2-40AE-95F4-FE0F1E6BA7E2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{07FD3DF4-650D-46FF-9890-A95BA4A0CD64}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{0E58ECBD-549D-42E8-8C26-885E89DBEEB2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{13E3510B-0131-4EFF-B9F8-D5646AD9365C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{1B933093-4BB4-423A-8F4A-0BCCC3610437}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{23F3B27A-AF35-4464-A776-3A8A6C7762E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25421730-03F5-4C2E-93E6-94D9B6C41808}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{270CD54A-5505-483E-B2EB-03E7DB5D4487}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{27533F7E-C5AD-4363-811A-ED91E70D61A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CB0123A-69BF-4E53-947A-099526217061}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{2CF6108C-D563-47D9-9C3C-B153395696BD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{309C4035-AE3C-4AA4-8E22-6417ED944B28}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{328D7F80-DCA7-4D10-9C59-B0DE9C1657A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33D64A1B-81B5-43AC-A2EF-984041C07383}" = protocol=6 | dir=out | app=system |
"{34E55F34-694D-40A3-8B05-1CC2070B9F08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{3C025D7C-12C5-4E14-BF4F-4423991D747B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4311C0F2-5B95-4ECD-A22E-D0D2D266E541}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{466FBB5D-F9D2-43EA-A24F-A1301EBF0422}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{4FFE8BFB-032D-4EE2-8038-F7E4D5A1BF61}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{517CF7A7-FE55-429F-BC54-8398EEF05C14}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5988A062-EFB0-4769-A75B-CAC51C4A5216}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{6236F028-F7CA-4C71-B2F7-C361056198A0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{64B5D364-BD0D-4867-94E3-05215FFFC894}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6779AC60-CC3E-45CC-BF28-F1A54EBD0AA9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warframe\tools\launcher.exe |
"{6AAA0E53-7827-4E3A-8643-E07360E7E5D4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"{6F4D5CBE-432E-4F13-9045-3D95A0411EF9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{71CC74C6-F09F-45ED-8271-E69A945880C5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{72928387-523A-4755-BF2E-6E62A220C6BC}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{75D1CCFB-62A7-4A2C-A32D-2E2AAE614501}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{760B2088-652D-428B-B2F7-F71A2CAEBAB7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{76430D2C-600E-464F-B917-9B33C687B54B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{77A5E58E-488E-4032-ABB6-7C84CD9D2679}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{77F0658F-6F08-41D4-B9A5-F69627D29C94}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{797D5A1A-64CC-46FB-870B-ED7099319D36}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{81BA0F60-0316-47B4-9F1C-AC31733524CE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{829B3108-5DC2-40CF-ABE4-2C696425C801}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8507C889-FF8B-4295-9227-70C4945B3691}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{87123E7F-7111-43F7-91F9-5B304CAC6792}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{894CB030-790C-427E-A372-086373085C5C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F33AC59-8318-4076-A026-409F96197E94}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{98DBC9BE-3297-4AED-AAF2-D752A766170F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{A02F5BA8-1E95-4A7A-9AA9-3FD8ACDC8001}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\beat hazard\beathazard.exe |
"{A1436CE8-8384-458A-B6CA-A565041BF2F6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A2818DB1-C799-47DB-96BA-3DF9CD281296}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A620FB89-10F5-4AB7-974B-396DDCAEDD7C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A9CC9443-B58B-418E-A869-79FAB9E34CCA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{AAB2FEC6-5C4B-4E9C-B282-568F55243A97}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{AD72AB8E-C610-4528-8164-EDA4F5E1029F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B29185F5-2D2D-49E5-8ED2-D64D7E3E262A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B3D322A0-904B-416E-A308-4B75B916C40E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hoard\win32\reuben.exe |
"{B3D7A154-40FB-4BB5-88B1-9DEB6AAAEC58}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B497FA49-D9C9-48FB-82E8-4E4799174E34}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B83ED121-57EE-44D9-8A37-1089D229945E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{BA9BFFE1-1A06-4650-9AF6-83E023A663CD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{BF2F5353-F3C3-4BBA-A82C-678C8DF55C88}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{C296B650-582A-45D6-9C5D-08E56BC28332}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |
"{CB8FF435-09B1-4D0F-9DD9-7EB1AE8BEE5C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D1D3EA2C-AD7D-4DFA-883D-435E6F028A90}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{D23A3C23-6D9F-4268-B90E-8642A3EACC84}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike source\hl2.exe |
"{D264D464-BBE5-4465-B85F-5A612EB5021F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{D473AFB0-CA9B-4195-AEE9-F2D4D87A93DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6B723F0-32B2-473C-8020-C8CE4F944342}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC514B01-D829-4F85-BAD1-192905207050}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DE83A4BB-62FC-461B-93C6-31E4E56B1DAC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{DEE47C4B-CC73-4D2A-819D-B7420B417E79}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\beat hazard\runme.exe |
"{EAC8991A-FC99-454C-86FB-A80C66F13266}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{EF207B29-8041-4A32-80B9-ADAEBEA90E64}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\just cause 2\justcause2.exe |
"{F2D98A41-8F01-4FD0-9943-2DA94F854FB0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{F6F45BFB-6336-439F-ACB0-9BE4E3AD225C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9B385CC-4FCB-4C41-B531-F4C76D6C1056}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{FDFF0A69-9C85-4DEF-A145-9C6CE3EBDD06}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"{FE313C18-DB6D-4700-B322-D7FA96A89656}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"TCP Query User{03D40C22-3069-4349-A6C2-186B95F72FC1}D:\hry\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=d:\hry\tmunitedforever\tmforever.exe |
"TCP Query User{41375A13-9A34-4ABF-BEC8-DE395C28E766}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{66030D57-F6D5-41DE-B214-7E1B21C0F0FB}D:\install\mirc\mirc.exe" = protocol=6 | dir=in | app=d:\install\mirc\mirc.exe |
"TCP Query User{892C1E68-B1AD-4693-83E0-DC86EFFA472A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A550B613-4A87-4774-A7A8-3F14863C2071}D:\hry\quake iii arena\quake3.exe" = protocol=6 | dir=in | app=d:\hry\quake iii arena\quake3.exe |
"TCP Query User{BBE5012F-6F38-47E3-A9A3-3A46EF64F201}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{20772CF0-C6F1-4DEC-8B27-A022158F782A}D:\hry\quake iii arena\quake3.exe" = protocol=17 | dir=in | app=d:\hry\quake iii arena\quake3.exe |
"UDP Query User{3208813A-895D-4EFD-9E01-21D761785C0B}D:\hry\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=d:\hry\tmunitedforever\tmforever.exe |
"UDP Query User{80808243-70FA-48E7-A4C8-CF8AAC092E55}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{B68BF4E6-D825-4ABC-AF5A-9DE4AD1D9154}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{DA0633E9-8018-426C-94B2-83AAAA0AB93B}D:\install\mirc\mirc.exe" = protocol=17 | dir=in | app=d:\install\mirc\mirc.exe |
"UDP Query User{E7F96385-966D-4372-B39E-37C5162884C6}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{792A453A-EB3B-48C7-BAEA-14E38B04D278}" = ESET NOD32 Antivirus
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90F00673-A276-4A58-B675-B426D39D1E09}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B87758B5-E39F-4476-B84B-562470524603}" = Topaz Denoise 3 (64-bit)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"44D0E75D0F17B16C080D9EB1151844CB5929D67F" = Balíček ovladače systému Windows - Ralink (netr28ux) Net (01/20/2010 3.00.11.0000)
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Icaros_is1" = Icaros 2.2.0
"MediaCoder x64" = MediaCoder x64 0.8.18.5360
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SMSERIAL" = Motorola SM56 Data Fax Modem
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{06D085C8-1F00-11B2-96A7-8f0CE39193ED}" = Intel® SSD Toolbox
"{07E900C8-D1E3-4C24-AC9F-7FE3C1AE19A2}_is1" = Mal Updater 2.80
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.8
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{34B61214-F4D3-4449-A918-F52A36FB2F71}" = msi LED Manager
"{390B7821-3CDE-4579-B940-B0A06B86136A}" = Topaz Denoise 3
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89704656-98FA-4EB0-9CC9-9C9839255FA0}" = Intel(R) Update Manager
"{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EE7DE8E-85D3-48D8-A47B-64D7F4B5207A}" = Snapseed
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}" = EasyFace2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC968B0F-024A-4323-BD6B-C2A85D183F34}" = GHOST
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}" = inSSIDer
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBDF64A5-44E0-4ECF-B5B3-FE8EF961CF13}" = LockIndicator
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1" = Cube World version 0.0.1
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCA963D4-6AA2-11E2-80AA-984BE15F174E}" = Evernote v. 4.6.2
"{DDFAA49C-2B1D-4808-B43A-4AAFF0475B04}" = Plus Pack for Acronis True Image Home 2012
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.00
"AIMP3" = AIMP3
"Album Art Downloader XUI" = Album Art Downloader XUI 0.45
"Any Video Converter 5_is1" = Any Video Converter 5 5.0.3
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Borderlands 2_is1" = Borderlands 2
"BurnAware Professional_is1" = BurnAware Professional 6.1
"CDisplay_is1" = CDisplay 1.8
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-05-30
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX Setup
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Easy CD-DA Extractor 2010" = Easy CD-DA Extractor 2010
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FileHippo.com" = FileHippo.com Update Checker
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 3.9.2
"CheckCRC" = CRC32 Calculator - CheckCRC
"Indeo® Software" = Indeo® Software
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"mediainfolite_is1" = MediaInfo Lite 0.7.61
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"mIRC" = mIRC
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"MPE" = MyPhoneExplorer
"Neverwinter" = Neverwinter
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter
"SpeedFan" = SpeedFan (remove only)
"Steam App 105600" = Terraria
"Steam App 12210" = Grand Theft Auto IV
"Steam App 1250" = Killing Floor
"Steam App 200710" = Torchlight II
"Steam App 204300" = Awesomenauts
"Steam App 207170" = Legend of Grimrock
"Steam App 218" = Source SDK Base 2007
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 230410" = Warframe
"Steam App 240" = Counter-Strike: Source
"Steam App 38600" = Faerie Solitaire
"Steam App 440" = Team Fortress 2
"Steam App 49600" = Beat Hazard
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8190" = Just Cause 2
"Steam App 91600" = Sanctum
"The KMPlayer" = The KMPlayer
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V9.35
"uTorrent" = µTorrent
"VGhlIEluY3JlZGlibGUgQWR2ZW50dXJlcyBvZiBWYW4gSGVsc2luZw==_is1" = The Incredible Adventures of Van Helsing (c) NeocoreGames version 1
"webmmf" = WebM Media Foundation Components
"WheelMouse" = Advanced Wheel Mouse 6.0.0.001
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.62

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
"KindlePreviewer" = KindlePreviewer
"LastPass" = LastPass (uninstall only)
"NetTraffic" = NetTraffic
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.7.2012 3:11:34 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:11:39 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:11:47 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:11:49 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:11:52 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:11:55 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1017
Description =

Error - 6.7.2012 3:18:46 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1001
Description =

Error - 6.7.2012 3:27:24 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1001
Description =

Error - 6.7.2012 3:27:38 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1001
Description =

Error - 6.7.2012 3:27:59 | Computer Name = MSI-LUKAS | Source = Office Software Protection Platform Service | ID = 1001
Description =

Error encountered while reading event logs.

< End of report >

#8 Příspěvek od **vyosek** » 18 črc 2013 19:14

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 AD E5 94 1A 33 CB 01 [binary data]
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes,DefaultScope = {BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..\SearchScopes\{BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.systemrequirementslab.co ... 4.24.0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2013.07.18 14:08:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.18 09:26:40 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job
[2013.07.18 13:58:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job
[2013.07.17 15:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job
[2013.07.18 13:19:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job
@Alternate Data Stream - 5632 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:DE406C3E
@Alternate Data Stream - 1536 bytes -> C:\Users\Resshi\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\Resshi\Desktop\desktop.ini:gs5sys
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\System32\zlib.dll:DocumentSummaryInformation

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"DAEMON Tools Lite"=-
"Infium"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Jyxo · #9 Příspěvek od **Jyxo** » 18 črc 2013 20:31

Tady je:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB109E3-8AAE-4BCC-8C7E-9A14F24DD3B5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-4272719917-2536357416-3940710006-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Starting removal of ActiveX control {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E}
C:\Windows\Downloaded Program Files\SystemRequirementsLab.inf not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A65.tmp\Microsoft.Build.Tasks.v3.5.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A65.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE14A.tmp\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE14A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP374C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6136.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAEB6.tmp folder deleted successfully.
C:\Windows\System32\lMMLDeleteUserData42107612FX.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f8d57824fa3.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7f8d57a875d2.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4272719917-2536357416-3940710006-1001UA1ce7f01cd27c5fa.job moved successfully.
ADS C:\ProgramData:gs5sys deleted successfully.
ADS C:\ProgramData\TEMP:DE406C3E deleted successfully.
ADS C:\Users\Resshi\Documents\desktop.ini:gs5sys deleted successfully.
ADS C:\Users\Resshi\Desktop\desktop.ini:gs5sys deleted successfully.
ADS C:\Windows\SysWow64\zlib.dll:SummaryInformation deleted successfully.
ADS C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation deleted successfully.
Unable to delete ADS C:\Windows\System32\zlib.dll:SummaryInformation .
Unable to delete ADS C:\Windows\System32\zlib.dll:DocumentSummaryInformation .
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Resshi
->Temp folder emptied: 1499562 bytes
->Temporary Internet Files folder emptied: 1168997 bytes
->Java cache emptied: 15775 bytes
->FireFox cache emptied: 5294000 bytes
->Google Chrome cache emptied: 367244009 bytes
->Flash cache emptied: 57149 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 134402 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50702 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 668 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 358,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Resshi
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Resshi
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 07182013_212758

Files\Folders moved on Reboot...
C:\Users\Resshi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Resshi\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#10 Příspěvek od **vyosek** » 18 črc 2013 20:32

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

VIRY.CZ

NOD32 - Adresa byla zablokována

NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována

Re: NOD32 - Adresa byla zablokována