policia my zablokovala pc ------- otm

[Dominik20]

All processes killed
========== FILES ==========
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec4e0e2d2fcb.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP folder moved successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Urban
->Temp folder emptied: 14878939374 bytes
->Temporary Internet Files folder emptied: 316319006 bytes
->Google Chrome cache emptied: 261794189 bytes
->Flash cache emptied: 840 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 233472 bytes
%systemroot%\System32\drivers .tmp files removed: 73728 bytes
Windows Temp folder emptied: 2270257884 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 9959806 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16 916,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Urban
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Urban

Total Java Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 10142013_173851

[vyosek]

Zdravim

Ten OTM Vam poradil kdo prosim?? Vy s nim umite pracovat = psat do nej skripty??

[Dominik20]

nasiel aom to tuna na fore

[vyosek]

Jo, jenze OTM vykonava jen prikazy ze skriptu a ty jsou pro kazdeho zivatele jine

Navic pravidla fora na toto mysli a varuji

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je! Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

Dejte sem tedy log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784 a podivame se na to

[Dominik20]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Urban at 2013-10-15 18:15:57
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 31 GB (15%) free of 210 GB
Total RAM: 2814 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:16:09, on 15. 10. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\WTClient.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Urban\Downloads\RSIT.exe
C:\Program Files\trend micro\Urban.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (file missing)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll (file missing)
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WTClient] WTClient.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "D:\Hra o tróny\Steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sid Registration.lnk = F:\ATR1.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Plus Web Player Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (file missing)
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (file missing)
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\Windows\System32\Drivers\WTSRV.EXE

--
End of file - 10506 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06 194912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL [2012-07-25 89016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{B922D405-6D13-4A2B-AE89-08A030DA4402} -
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-10 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 497024]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-18 98304]
""= []
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\ssmmgr.exe [2009-08-15 614400]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-05-20 450560]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]
"WTClient"=C:\Windows\system32\WTClient.exe [2009-08-19 32768]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-08-19 5110160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-02-03 39408]
"Steam"=D:\Hra o tróny\Steam.exe [2013-02-15 1597864]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-09-07 4287536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sid Registration.lnk - F:\ATR1.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"msacm.ac3filter"=ac3filter.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-15 18:15:57 ----D---- C:\rsit
2013-10-15 18:15:57 ----D---- C:\Program Files\trend micro
2013-10-14 17:38:51 ----D---- C:\_OTM
2013-10-11 01:19:42 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 01:19:42 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 01:19:41 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 01:19:41 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 01:19:40 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 01:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 01:19:39 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 01:19:37 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 01:19:37 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 01:19:34 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 08:02:11 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 08:02:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 08:02:11 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 08:02:10 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 08:02:10 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 08:02:10 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 08:02:09 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 08:02:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 08:02:09 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 08:02:09 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 08:02:02 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 08:02:01 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 08:02:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 08:02:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-10-10 08:02:01 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 08:02:00 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 08:01:54 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-10 08:01:52 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 08:01:49 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 08:01:49 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 08:01:38 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-07 22:34:54 ----D---- C:\ProgramData\ESET
2013-10-07 22:34:54 ----D---- C:\Program Files\ESET
2013-10-07 21:51:32 ----D---- C:\Windows\system32\Adobe
2013-09-30 00:30:55 ----D---- C:\Program Files\NVIDIA Corporation
2013-09-28 11:20:33 ----D---- C:\Windows\stepmania.com
2013-09-28 11:20:10 ----A---- C:\Windows\stepmania.com Setup Log.txt
2013-09-27 21:20:16 ----D---- C:\Users\Urban\AppData\Roaming\StepMania 4
2013-09-21 15:21:25 ----D---- C:\Users\Urban\AppData\Roaming\File Scout

======List of files/folders modified in the last 1 month======

2013-10-15 18:15:59 ----D---- C:\Windows\Temp
2013-10-15 18:15:57 ----RD---- C:\Program Files
2013-10-15 17:25:53 ----D---- C:\Windows\system32\config
2013-10-15 12:36:41 ----SHD---- C:\System Volume Information
2013-10-14 17:42:44 ----D---- C:\Windows\system32\drivers
2013-10-14 17:42:44 ----D---- C:\Windows\System32
2013-10-14 17:39:02 ----D---- C:\Windows\system32\drivers\etc
2013-10-14 17:39:02 ----D---- C:\Windows
2013-10-14 17:38:53 ----D---- C:\Windows\Tasks
2013-10-14 01:25:33 ----D---- C:\Users\Urban\AppData\Roaming\uTorrent
2013-10-13 15:17:03 ----D---- C:\Windows\Prefetch
2013-10-12 23:32:51 ----D---- C:\Windows\winsxs
2013-10-12 02:32:05 ----D---- C:\Windows\system32\DriverStore
2013-10-11 15:29:57 ----D---- C:\Windows\Microsoft.NET
2013-10-11 15:29:16 ----RSD---- C:\Windows\assembly
2013-10-11 10:16:41 ----SD---- C:\Users\Urban\AppData\Roaming\Microsoft
2013-10-11 08:10:16 ----D---- C:\Windows\inf
2013-10-11 08:10:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-11 08:02:56 ----D---- C:\Windows\system32\en-US
2013-10-11 08:02:56 ----D---- C:\Program Files\Internet Explorer
2013-10-11 08:02:05 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 06:30:23 ----SHD---- C:\Windows\Installer
2013-10-11 06:30:23 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 06:28:04 ----D---- C:\Windows\system32\MRT
2013-10-11 01:21:58 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 01:19:57 ----D---- C:\Windows\system32\catroot
2013-10-11 01:19:56 ----D---- C:\Windows\system32\catroot2
2013-10-10 17:14:30 ----SD---- C:\ProgramData\Microsoft
2013-10-09 13:09:43 ----D---- C:\Windows\system32\Tasks
2013-10-08 22:57:16 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-08 01:12:42 ----D---- C:\Program Files\pdfforge Toolbar
2013-10-08 01:12:42 ----D---- C:\Program Files\BrowserCompanion
2013-10-07 22:34:54 ----HD---- C:\ProgramData
2013-10-02 13:31:39 ----D---- C:\Users\Urban\AppData\Roaming\vlc
2013-10-01 20:08:24 ----D---- C:\Users\Urban\AppData\Roaming\U3
2013-09-27 14:19:39 ----HD---- C:\Program Files\InstallShield Installation Information
2013-09-26 22:05:40 ----D---- C:\Windows\system32\NDF
2013-09-26 19:00:04 ----D---- C:\ProgramData\Skype
2013-09-26 19:00:03 ----RD---- C:\Program Files\Skype
2013-09-17 10:05:38 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 66176]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 31872]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-06-17 14392]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 134248]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-08-20 122376]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-30 18048]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 5120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 104976]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-18 5140480]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-08-24 140376]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver; C:\Windows\system32\DRIVERS\JME.sys [2010-10-05 113632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 PTSimBus;PenTablet Bus Enumerator; C:\Windows\system32\DRIVERS\PTSimBus.sys [2009-06-22 23208]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-09-29 36992]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-30 271360]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 38400]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 PTSimHid;PenTablet Simulated HID MiniDriver; C:\Windows\system32\DRIVERS\PTSimHid.sys [2009-06-22 14504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 Tablet2k;Serial Tablet Port Driver; C:\Windows\System32\Drivers\Tablet2k.sys []
S3 TClass2k;Tablet Class Driver; C:\Windows\system32\DRIVERS\TClass2k.sys [2009-06-22 23208]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 UCTblHid;HID Tablet Port Driver; C:\Windows\system32\DRIVERS\UCTblHid.sys [2009-06-22 19624]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-18 172032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-08-19 1337240]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-06-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2013-06-24 107832]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
R2 WinTabService;WinTab Service; C:\Windows\System32\Drivers\WTSRV.EXE [2009-09-23 73728]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-10-19 160944]
S2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-01-27 117264]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-01-29 541608]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-03 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[vyosek]

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna.

[Dominik20]

ano

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Dominik20]

6,65 Gb Paging File | 5,13 Gb Available in Paging File | 77,18% Paging File free
Paging file location(s): c:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205,45 Gb Total Space | 29,98 Gb Free Space | 14,59% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 23,51 Gb Free Space | 6,02% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 1,55 Gb Free Space | 82,87% Space Free | Partition Type: FAT

Computer Name: DOMINIK | User Name: Urban | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/10/15 19:13:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Urban\Downloads\OTL.exe
PRC - [2013/10/03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/07 14:29:44 | 004,287,536 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2013/08/19 15:08:26 | 001,337,240 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2013/08/19 15:08:10 | 005,110,160 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/12/14 11:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/06/28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011/11/18 18:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/06/25 09:18:42 | 000,836,896 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/11/18 21:45:58 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/11/18 21:45:28 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/09/23 14:34:04 | 000,073,728 | ---- | M] (Tablet Driver) -- C:\Windows\System32\drivers\WTSrv.exe
PRC - [2009/08/19 18:24:22 | 000,032,768 | ---- | M] (Tablet Driver) -- C:\Windows\System32\WTClient.exe
PRC - [2009/08/15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009/07/30 19:44:10 | 000,497,024 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/11 08:07:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 08:06:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/10 07:57:01 | 013,584,776 | ---- | M] () -- C:\Users\Urban\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
MOD - [2013/10/03 08:03:05 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppgooglenaclpluginchrome.dll
MOD - [2013/10/03 08:03:03 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
MOD - [2013/10/03 08:02:12 | 000,698,832 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
MOD - [2013/10/03 08:02:11 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\libegl.dll
MOD - [2013/10/03 08:02:09 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
MOD - [2013/09/13 07:54:49 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/13 07:54:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/07 14:29:44 | 004,287,536 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2013/08/14 09:43:29 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 09:43:07 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f2e5378561f764edc55f1de44264019b\System.Xml.ni.dll
MOD - [2013/08/14 09:42:59 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 15:48:57 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/02/13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/12/17 14:01:23 | 001,703,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3609.23390__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:23 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3609.23357__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:23 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3609.23260__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:23 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3609.23281__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:23 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3609.23336__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:23 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3609.23269__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3609.23316__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:23 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3609.23306__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:23 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3609.23275__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:23 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3609.23270__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:22 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3609.23385__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3609.23308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3609.23282__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3609.23331__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:22 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3609.23322__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3609.23282__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3609.23356__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3609.23308__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:22 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3609.23322__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:22 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3609.23313__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3609.23358__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:22 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3609.23321__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:22 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3609.23356__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3609.23313__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3609.23390__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:21 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3609.23307__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:21 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3609.23302__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:21 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3609.23315__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:21 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3609.23286__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011/12/17 14:01:21 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/12/17 14:01:21 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3609.23306__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011/12/17 14:01:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3609.23286__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3609.23307__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:21 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3609.23315__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011/12/17 14:01:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3589.25791__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011/12/17 14:01:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3589.25794__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011/12/17 14:01:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3589.25834__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3589.25817__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3589.25837__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3589.25917__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3589.25847__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3589.25951__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3589.25922__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3589.25854__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3589.25916__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011/12/17 14:01:21 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011/12/17 14:01:20 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3609.23384__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011/12/17 14:01:20 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3609.23345__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011/12/17 14:01:20 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3609.23275__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011/12/17 14:01:20 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3589.25814__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3609.23351__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011/12/17 14:01:20 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3589.25796__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011/12/17 14:01:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3609.23350__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011/12/17 14:01:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3589.25859__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3589.25848__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3589.25945__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3589.25846__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3589.25888__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3609.23363__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011/12/17 14:01:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3589.25806__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011/12/17 14:01:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3589.25905__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3589.25831__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3589.25857__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3589.25801__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011/12/17 14:01:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3589.26042__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011/12/17 14:01:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3589.25901__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3589.25893__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3589.25912__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3589.25825__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3589.25839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011/12/17 14:01:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3589.25822__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3589.25862__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3589.25819__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3589.25856__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3589.25829__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3589.25810__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3589.25907__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3589.25838__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3589.25858__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011/12/17 14:01:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011/12/17 14:01:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3589.25832__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3589.25896__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3589.25844__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3589.25836__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011/12/17 14:01:20 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3609.23257__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011/12/17 14:01:19 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3609.23265__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011/12/17 14:01:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3609.23257__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011/12/17 14:01:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3609.23255__90ba9c70f846762e\APM.Server.dll
MOD - [2011/12/17 14:01:19 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3609.23259__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011/12/17 14:01:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3589.25849__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011/12/17 14:01:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3609.23256__90ba9c70f846762e\AEM.Server.dll
MOD - [2011/12/17 14:01:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3589.25826__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011/12/17 14:01:19 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011/12/17 14:01:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3589.25851__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011/12/17 14:01:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3589.25865__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011/12/17 14:01:19 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3609.23351__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011/11/18 18:14:48 | 000,788,992 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
MOD - [2011/08/25 15:02:18 | 001,425,920 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
MOD - [2011/03/31 16:36:46 | 000,167,424 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
MOD - [2011/03/02 13:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/06/25 09:18:52 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009/09/24 17:16:14 | 000,200,704 | ---- | M] () -- C:\Windows\System32\WinTab32.dll
MOD - [2009/08/15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2008/10/23 11:21:32 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard)
SRV - [2013/10/08 22:57:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/08/19 15:08:26 | 001,337,240 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/29 21:30:35 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/14 11:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/10/19 17:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/03 20:33:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/27 04:09:02 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/11/18 21:45:28 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/09/23 14:34:04 | 000,073,728 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\System32\drivers\WTSrv.exe -- (WinTabService)
SRV - [2009/07/26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Tablet2k.sys -- (Tablet2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2013/08/20 11:50:28 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013/08/20 11:50:28 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013/08/20 11:50:28 | 000,122,376 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2012/03/30 21:45:19 | 000,271,360 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012/03/30 21:45:18 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/11/12 00:15:44 | 000,066,176 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2010/11/12 00:15:44 | 000,031,872 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2010/10/05 18:12:34 | 000,113,632 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010/09/29 23:19:58 | 000,036,992 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/08/24 18:11:46 | 000,140,376 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2010/06/17 12:15:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010/04/12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010/01/27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2010/01/05 04:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009/11/18 22:20:36 | 005,140,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/09/30 17:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/06/22 09:58:46 | 000,019,624 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2009/06/22 09:58:36 | 000,023,208 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2009/06/22 09:58:22 | 000,014,504 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTSimHid.sys -- (PTSimHid)
DRV - [2009/06/22 09:58:06 | 000,023,208 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PTSimBus.sys -- (PTSimBus)
DRV - [2009/06/09 04:18:16 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2008/01/10 19:34:44 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007/07/31 03:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... F06DA4007B}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP ... n&tsp=4992
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 57 CA BC 76 E2 CC 01 [binary data]
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\InprocServer32 File not found
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... FA_skSK469
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?se ... LiTc0&i=26
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{DA4E7C8E-0D94-4D5D-AD2B-A3E5DE59F6DA}: "URL" = http://search.babylon.com/?q={searchTer ... cf305db5a6
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{E1CAE6FE-74AF-457B-B6F1-625A9F56B2BE}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... F06DA4007B}
IE - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Urban\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/07/09 14:49:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/10/07 22:34:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

[2012/02/17 12:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Urban\AppData\Roaming\mozilla\Firefox\extensions
[2012/02/17 12:13:13 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Urban\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013/09/01 17:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Urban\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012/07/04 19:34:11 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Urban\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2013/02/02 04:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Urban\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2013/02/02 04:14:59 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Urban\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi
[2012/07/29 16:37:16 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Urban\AppData\Roaming\mozilla\firefox\profiles\extensions\gophoto@gophoto.it.xpi
[2012/07/04 19:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www2.delta-search.com/?babsrc=HP ... n&tsp=4992
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Urban\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - Extension: Dokumenty Google = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Game of Thrones: Targaryen = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjgpcbclcdefijdpgjnkmiifmngkgeo\1.0.1_0\
CHR - Extension: Gmail = C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/10/14 17:39:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll File not found
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-112127421-3188988723-2501912363-1000\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WTClient] C:\Windows\System32\WTClient.exe (Tablet Driver)
O4 - HKU\S-1-5-21-112127421-3188988723-2501912363-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-112127421-3188988723-2501912363-1000..\Run: [Steam] D:\Hra o tróny\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sid Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivX Plus Web Player Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13C4C478-CAB2-4D83-95A4-17E6F41A85C3}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4793DEB1-1808-4034-BB7D-538B57707817}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{db21cefa-37e2-11e1-8517-74f06da4007b}\Shell - "" = AutoRun
O33 - MountPoints2\{db21cefa-37e2-11e1-8517-74f06da4007b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Mafia2.part01.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchBFII.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/10/15 18:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/10/15 18:15:57 | 000,000,000 | ---D | C] -- C:\rsit
[2013/10/14 17:38:51 | 000,000,000 | ---D | C] -- C:\_OTM
[2013/10/11 10:00:32 | 000,000,000 | --SD | C] -- C:\Users\Urban\Documents\Zdroje údajov
[2013/10/11 08:16:08 | 000,000,000 | ---D | C] -- C:\Users\Urban\Documents\Battlefield 3
[2013/10/11 01:19:42 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/11 01:19:42 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/11 01:19:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/10/11 01:19:41 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/11 01:19:40 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/11 01:19:40 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 01:19:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/10/11 01:19:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/10/11 01:19:40 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/10/11 01:19:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/10/10 08:02:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013/10/10 08:02:11 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/10/10 08:02:01 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/10/10 08:02:01 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/10/10 08:02:01 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013/10/10 08:02:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 08:02:00 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 08:02:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/10/10 08:02:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 08:02:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013/10/10 08:01:54 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013/10/10 08:01:52 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

========== Files - Modified Within 7 Days ==========

[2013/10/15 19:21:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/10/15 18:20:20 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/15 18:20:20 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/15 17:13:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/15 17:13:14 | 2212,880,384 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/14 17:39:02 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/10/12 23:32:33 | 000,447,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/11 08:10:16 | 000,652,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/11 08:10:16 | 000,121,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/10 17:18:16 | 000,000,017 | ---- | M] () -- C:\Users\Urban\AppData\Local\resmon.resmoncfg
[2013/10/08 22:57:16 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/08 22:57:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/10/15 19:21:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/10/10 17:18:16 | 000,000,017 | ---- | C] () -- C:\Users\Urban\AppData\Local\resmon.resmoncfg
[2013/09/11 07:56:06 | 000,003,315 | ---- | C] () -- C:\Windows\Tablet5500x4000.ini
[2013/09/06 08:00:58 | 000,003,342 | ---- | C] () -- C:\Windows\Tablet5500x4000M.ini
[2013/09/05 19:30:50 | 000,200,704 | ---- | C] () -- C:\Windows\System32\WinTab32.dll
[2013/09/05 19:30:50 | 000,056,320 | ---- | C] () -- C:\Windows\System32\UCMfg.exe
[2013/09/05 19:30:50 | 000,010,240 | ---- | C] () -- C:\Windows\System32\ucinst32.dll
[2013/09/05 19:30:48 | 000,335,872 | ---- | C] () -- C:\Windows\SetupX32.EXE
[2013/09/05 19:30:47 | 000,212,992 | ---- | C] () -- C:\Windows\System32\HCCall.exe
[2013/09/05 19:30:47 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lhtool.exe
[2013/05/30 10:34:41 | 000,000,087 | ---- | C] () -- C:\Windows\System32\EpfwUser.dat
[2013/05/07 10:24:54 | 000,227,404 | ---- | C] () -- C:\Windows\System32\libbysquare.dll
[2013/05/03 14:26:02 | 001,294,335 | ---- | C] () -- C:\Windows\System32\libcairo-2.dll
[2013/05/03 14:26:02 | 000,987,136 | ---- | C] () -- C:\Windows\System32\libxml2.dll
[2013/05/03 14:26:02 | 000,551,096 | ---- | C] () -- C:\Windows\System32\freetype6.dll

[Dominik20]

[2013/05/03 14:26:02 | 000,279,059 | ---- | C] () -- C:\Windows\System32\libfontconfig-1.dll
[2013/05/03 14:26:02 | 000,230,529 | ---- | C] () -- C:\Windows\System32\libpng14-14.dll
[2013/05/03 14:26:02 | 000,143,096 | ---- | C] () -- C:\Windows\System32\libexpat-1.dll
[2013/05/03 14:26:02 | 000,077,824 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2012/12/22 22:57:00 | 000,081,920 | ---- | C] () -- C:\Windows\OLE2TASK.DAT
[2012/05/26 15:09:18 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2012/05/26 15:08:59 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll
[2012/04/20 23:57:31 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/04/20 23:57:30 | 000,022,328 | ---- | C] () -- C:\Users\Urban\AppData\Roaming\PnkBstrK.sys
[2012/04/20 23:57:04 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/04/20 23:56:58 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/04/20 23:56:53 | 002,250,024 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2012/03/30 21:45:19 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012/03/30 21:45:18 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012/03/26 11:25:51 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012/03/09 17:01:40 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012/02/21 17:14:26 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/02/21 17:11:37 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/12/17 14:07:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/17 14:00:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/12/17 14:00:20 | 000,196,565 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/12/17 14:00:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2003/02/10 02:13:10 | 000,000,416 | -H-- | C] () -- C:\ProgramData\systmsp2pb6
[2001/08/15 13:48:11 | 000,000,536 | -H-- | C] () -- C:\Users\Urban\AppData\Roaming\winpmltspb6

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/08/14 21:16:48 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Babylon
[2012/03/05 15:13:00 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Canon
[2013/09/08 15:24:10 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\DarknessII
[2012/02/18 02:29:02 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Day 1 Studios
[2013/09/21 15:21:25 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\File Scout
[2012/06/20 12:40:48 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\GetRightToGo
[2013/09/01 16:56:52 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\GoforFiles
[2013/08/05 23:29:27 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Leadertech
[2013/06/07 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Lionhead Studios
[2013/05/20 21:25:13 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Little Games Company
[2012/04/22 00:25:14 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\LolClient
[2012/06/14 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\LolClient2
[2013/08/07 08:45:41 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Milestone
[2013/08/07 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\MKKE
[2013/07/03 11:55:06 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Mount&Blade Warband
[2013/07/03 16:04:50 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/04/12 18:19:29 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\PDM
[2013/09/27 21:20:16 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\StepMania 4
[2012/05/25 08:47:45 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\thriXXX
[2012/04/14 13:22:16 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\TP-LINK
[2012/01/14 23:10:53 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Ubisoft
[2013/05/31 18:00:44 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Unity
[2013/10/14 01:25:33 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\uTorrent
[2013/08/20 10:50:28 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\wargaming.net
[2012/03/01 23:41:28 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Wireshark
[2012/03/08 14:48:31 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Xilisoft
[2012/08/26 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\YourFileDownloader

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:53:46 | 000,032,512 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/09/29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/07/06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013/07/06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013/05/08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011/09/29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013/09/07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012/08/22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013/01/04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013/09/08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013/09/08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013/05/08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012/10/03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012/10/03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012/08/22 22:22:00 | 000,209,269 | ---- | M] () -- C:\torrent.exe
[2009/10/01 08:43:20 | 021,305,259 | ---- | M] (Shark007) -- C:\Vista-Codec-Package_5.4.3.exe
[2010/11/28 17:04:20 | 026,926,882 | ---- | M] (Shark007) -- C:\Win7codecs_v269.exe
[2009/10/01 08:41:04 | 007,855,400 | ---- | M] () -- C:\XP-Codec-Pack-2.5.0.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/10/26 12:58:54 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Adobe
[2011/12/17 14:07:41 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\ATI
[2012/08/14 21:16:48 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Babylon
[2012/03/05 15:13:00 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Canon
[2013/09/08 15:24:10 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\DarknessII
[2012/02/18 02:29:02 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Day 1 Studios
[2012/10/30 08:54:50 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\DivX
[2012/03/21 21:23:35 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\dvdcss
[2013/09/21 15:21:25 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\File Scout
[2012/06/20 12:40:48 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\GetRightToGo
[2013/09/01 16:56:52 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\GoforFiles
[2012/02/03 19:48:11 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Google
[2012/10/26 12:33:53 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\HpUpdate
[2013/04/12 13:50:42 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Identities
[2011/12/17 13:57:15 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\InstallShield
[2013/08/05 23:29:27 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Leadertech
[2013/06/07 20:49:10 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Lionhead Studios
[2013/05/20 21:25:13 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Little Games Company
[2012/04/22 00:25:14 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\LolClient
[2012/06/14 16:11:52 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\LolClient2
[2012/02/03 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Macromedia
[2009/07/14 09:50:20 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Media Center Programs
[2013/10/11 10:16:41 | 000,000,000 | --SD | M] -- C:\Users\Urban\AppData\Roaming\Microsoft
[2012/05/02 21:47:04 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Microsoft Games
[2013/08/07 08:45:41 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Milestone
[2013/08/07 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\MKKE
[2013/07/03 11:55:06 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Mount&Blade Warband
[2013/07/03 16:04:50 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/02/17 12:13:13 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Mozilla
[2012/04/12 18:19:29 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\PDM
[2013/02/28 17:29:47 | 000,000,000 | RH-D | M] -- C:\Users\Urban\AppData\Roaming\SecuROM
[2013/09/08 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Skype
[2013/09/27 21:20:16 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\StepMania 4
[2012/05/25 08:47:45 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\thriXXX
[2012/04/14 13:22:16 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\TP-LINK
[2013/10/01 20:08:24 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\U3
[2012/01/14 23:10:53 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Ubisoft
[2013/05/31 18:00:44 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Unity
[2013/10/14 01:25:33 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\uTorrent
[2013/10/02 13:31:39 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\vlc
[2013/08/20 10:50:28 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\wargaming.net
[2013/01/11 14:40:29 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Winamp
[2012/01/06 01:08:41 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\WinRAR
[2012/03/01 23:41:28 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Wireshark
[2012/03/08 14:48:31 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\Xilisoft
[2012/08/26 20:56:25 | 000,000,000 | ---D | M] -- C:\Users\Urban\AppData\Roaming\YourFileDownloader

< %APPDATA%\*.exe /s >
[2013/09/03 10:34:26 | 000,259,584 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\File Scout\filescout.exe
[2013/09/21 15:21:25 | 000,062,902 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\File Scout\uninst.exe
[2013/04/12 13:50:42 | 005,292,544 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\Identities\svhost.exe
[2007/10/23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\U3\3146721405934414\cleanup.exe
[2008/05/02 10:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Urban\AppData\Roaming\U3\3146721405934414\Launchpad Removal.exe
[2008/05/04 16:02:26 | 004,603,904 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\U3\3146721405934414\LaunchPad.exe
[2007/10/23 09:44:48 | 000,054,584 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\U3\3146721405934414\U3AccessGrant.exe
[2007/10/23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Urban\AppData\Roaming\U3\temp\cleanup.exe
[2008/05/02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Urban\AppData\Roaming\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/11/18 21:46:26 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/11/18 21:46:26 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/10/15 18:20:20 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/15 18:20:20 | 000,017,168 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/12 23:32:33 | 000,447,544 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT

< %SYSTEMDRIVE%\*.exe >
[2012/08/22 22:22:00 | 000,209,269 | ---- | M] () -- C:\torrent.exe
[2009/10/01 08:43:20 | 021,305,259 | ---- | M] (Shark007) -- C:\Vista-Codec-Package_5.4.3.exe
[2010/11/28 17:04:20 | 026,926,882 | ---- | M] (Shark007) -- C:\Win7codecs_v269.exe
[2009/10/01 08:41:04 | 007,855,400 | ---- | M] () -- C:\XP-Codec-Pack-2.5.0.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2012/02/03 18:58:55 | 000,039,408 | ---- | M] (Google Inc.)
"Steam" = "D:\Hra o tróny\Steam.exe" -silent -- [2013/02/15 10:47:37 | 001,597,864 | ---- | M] (Valve Corporation)
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2013/09/07 14:29:44 | 004,287,536 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/09/23 01:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/10/03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.) MD5=0D3745CA2F064F2D6B6388C6AA5D3BC7 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/10/15 19:21:18 | 000,000,512 | ---- | M] () MD5=3C215108927C379755A0BC0779D5A8A6 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013/08/05 23:30:39 | 000,000,996 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Office\Recent\NO-CD crack.LNK
[2013/10/10 08:15:53 | 000,000,639 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\Fable-III-3-+-Serial-+-Crack---SKIDROW.lnk
[2013/10/09 08:34:49 | 000,000,642 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\Mafia-2-Crack.lnk
[2013/08/14 18:00:36 | 000,000,662 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\Max-Payne-3---Crack-SKIDROW.lnk
[2013/08/14 18:05:37 | 000,000,707 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\Max-Payne-3-crack-1.0.0.78.lnk
[2013/08/30 21:07:32 | 000,000,752 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\Star-Wars---Republic-Commando---funkcni-crack.lnk
[2013/02/02 04:08:48 | 000,009,652 | ---- | M] () -- \Users\Urban\AppData\Roaming\uTorrent\Fable3crack-SR-BTARENA.rar.torrent
[2013/03/14 12:49:38 | 004,514,346 | ---- | M] () -- \Users\Urban\Desktop\Programy z plochy\dishonored cestina\Dishonored-Crack-Skidrow-Up.-by-WeZZi-CZ.rar
[2013/10/08 22:28:54 | 006,608,959 | ---- | M] () -- \Users\Urban\Downloads\Mafia-2-Crack.rar

< *keygen* /s >
[4 \ProgramData\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \ProgramData\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[4 \Users\All Users\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \Users\All Users\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[2013/08/14 02:48:18 | 000,000,617 | ---- | M] () -- \Users\Urban\AppData\Roaming\Microsoft\Windows\Recent\max-payne-3-keygen.lnk

< *loader* /s >
[2013/07/16 09:35:19 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2013/09/04 20:10:18 | 000,002,221 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2013/09/04 20:10:18 | 000,007,015 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2013/09/04 20:10:18 | 000,003,974 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2013/09/04 20:10:18 | 000,006,629 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2013/09/04 20:10:18 | 000,002,773 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2013/09/04 20:10:18 | 000,001,504 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2013/09/04 20:10:18 | 000,006,493 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2013/07/16 09:35:19 | 000,003,668 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013/09/04 20:10:18 | 000,006,907 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2013/08/16 06:04:42 | 001,269,360 | ---- | M] () -- \Omega\Downloader.EXE
[2013/10/15 19:02:06 | 000,000,038 | ---- | M] () -- \Omega\DownloaderVys.dat
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/11/09 16:28:52 | 000,022,574 | ---- | M] () -- \Program Files\GOG.com\The Witcher 2 Enhanced Edition\CookedPC\globals\gui\loadingscreens\loader.swf
[2009/10/06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 2050 J510 series\Bin\HelpViewer\Resources\Loader.gif
[2012/05/25 09:34:49 | 000,000,492 | ---- | M] () -- \Program Files\Image-Line\Downloader\fldownloader.log
[2012/05/03 18:38:36 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/21 04:03:06 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2010/06/07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012/05/18 06:46:35 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010/06/10 16:58:26 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012/05/18 06:46:41 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010/06/09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2011/10/08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2011/10/08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2011/10/08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2011/10/08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2003/09/26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003/09/26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003/09/26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003/09/26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2012/10/19 16:48:08 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/10/19 16:48:08 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/10/19 16:48:08 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/10/19 16:48:08 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/10/19 16:48:08 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/10/19 16:48:08 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2010/08/24 16:09:00 | 000,005,274 | ---- | M] () -- \Users\Urban\AppData\Local\Microsoft\Toolbar\Applications\loader.xap
[2012/01/12 02:09:00 | 000,010,144 | ---- | M] () -- \Users\Urban\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2013/09/16 10:58:49 | 000,000,469 | ---- | M] () -- \Users\Urban\AppData\Roaming\Unity\WebPlayerPrefs\cdn_5ftx3_2egalapagosgames_2ecom\prefunity-scenes-loader_2eunity3d.upp
[2010/11/02 12:36:12 | 000,000,404 | ---- | M] () -- \Users\Urban\Desktop\UR\League of Legends\rads\projects\lol_air_client\releases\0.0.1.35\deploy\assets\storeImages\layout\small_loader.gif
[2011/06/21 12:26:48 | 000,942,080 | ---- | M] () -- \Users\Urban\Desktop\usb urban\8GB\Omega\Downloader.EXE
[2013/09/27 21:14:53 | 000,400,704 | ---- | M] () -- \Users\Urban\Downloads\SoftonicDownloader_for_stepmania.exe
[2013/07/03 14:25:14 | 000,273,219 | ---- | M] () -- \Users\Urban\Downloads\ytbdownloader.exe
[2013/10/15 19:02:06 | 000,045,336 | ---- | M] () -- \Windows\Prefetch\DOWNLOADER.EXE-46590A23.pf
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/09/05 11:43:36 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 09:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 09:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 09:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012/02/26 22:29:59 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012/02/26 22:29:59 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012/02/26 22:29:59 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 09:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[Dominik20]

OTL Extras logfile created on: 15. 10. 2013 19:19:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Urban\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,75 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 59,59% Memory free
6,65 Gb Paging File | 5,13 Gb Available in Paging File | 77,18% Paging File free
Paging file location(s): c:\pagefile.sys 4000 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205,45 Gb Total Space | 29,98 Gb Free Space | 14,59% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 23,51 Gb Free Space | 6,02% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 1,55 Gb Free Space | 82,87% Space Free | Partition Type: FAT

Computer Name: DOMINIK | User Name: Urban | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Urban\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0752A191-91A7-4A5A-ABEA-9BD26576D05E}" = lport=58341 | protocol=6 | dir=in | name=pando media booster |
"{16DEDAA6-3668-4859-8F98-BE542C385A8B}" = rport=139 | protocol=6 | dir=out | app=system |
"{23296AEB-C286-43BA-9895-3EC04D1E0359}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{285EC512-B940-40AD-B62B-12A35758FB51}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C4C7D97-9252-4183-87BD-1A4186001CB1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{330FE587-4FD7-4516-A784-4B250A832264}" = lport=58341 | protocol=17 | dir=in | name=pando media booster |
"{3514BFB9-21F7-43B8-8969-E402C9640147}" = lport=58250 | protocol=17 | dir=in | name=pando media booster |
"{38F3FB07-04EF-4990-9EB5-2FBA07A4FFD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4C3F29C0-9495-4767-A37F-CFA4568A2469}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D3988B5-E87C-4C6A-9031-1583FBD810E6}" = lport=58250 | protocol=6 | dir=in | name=pando media booster |
"{5F26B759-DB64-4A8C-8960-B3763D3D2641}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62258B56-D5A8-478B-9DE7-BFC222E1700A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{692EABE1-4DC7-453C-AE41-50C3D3EE6935}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6FE6957F-897B-4D6A-A2F9-E932C234BD6F}" = rport=138 | protocol=17 | dir=out | app=system |
"{7F12C32E-321D-4887-ABDB-6538C0806F47}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{855EBC48-6B69-47F1-8CDF-B668A9A2DBE6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{862AE1BC-9B6B-44BD-8970-496DC3F4FC6B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FF29066-1B80-4ED2-BE73-60D937DBD752}" = lport=58250 | protocol=6 | dir=in | name=pando media booster |
"{97C359A6-DC6F-4D8D-895A-EFE88B9F5C28}" = lport=58250 | protocol=17 | dir=in | name=pando media booster |
"{A5E36C75-2824-459D-8F62-3F3E965184F5}" = rport=445 | protocol=6 | dir=out | app=system |
"{ACFE6A51-12CE-43BB-9E3B-A8E821F8F237}" = lport=445 | protocol=6 | dir=in | app=system |
"{B235FF47-79F1-4BC1-9276-8586689E6699}" = lport=139 | protocol=6 | dir=in | app=system |
"{C04B9AC4-DC22-4BA9-B164-B9B71000521E}" = rport=137 | protocol=17 | dir=out | app=system |
"{D30BBE61-6DE1-4C03-A09A-690F4601B3C5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D4EA6950-7B88-40E0-8FB7-662DF6D45A88}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D79E8186-BCB3-4500-8165-F4967CDDCFD9}" = lport=58341 | protocol=17 | dir=in | name=pando media booster |
"{E1C196FC-1610-417D-8520-EAA4374C4AF0}" = lport=138 | protocol=17 | dir=in | app=system |
"{ECA4C0F7-4459-42D0-9733-DAFA1FD0EAF4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F11419B3-01D8-4899-9F92-D84CD4C05B35}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F2B02C3E-A55E-41C9-8D18-319E747B9F9A}" = lport=58341 | protocol=6 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0541F787-B6EE-40CB-BDA9-630B2907779F}" = protocol=17 | dir=in | app=d:\tom clancy's h.a.w.x\hawx.exe |
"{055B0718-8B17-4D92-8044-FE35D2AD67FC}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{085B9F5D-93D5-479A-AD45-8EB86AAC8E35}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{0B1149D8-E4C6-485D-84AE-8CB65470BB4F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{0F8FC89E-0BFE-4879-84A9-463CA11C1CAC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{111C7D60-79A5-4B8B-9E61-0E40D7BEC7B2}" = protocol=6 | dir=in | app=d:\fable iii\fable3.exe |
"{1300F343-0169-4CC4-8549-7C794258838B}" = protocol=17 | dir=in | app=d:\mass effect\masseffectlauncher.exe |
"{135CD649-FF2F-4FB3-B3BA-273E25FAB53F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19A73020-795B-49BB-BCC3-3F882214C0D8}" = protocol=6 | dir=in | app=d:\tom clancy's h.a.w.x\hawx.exe |
"{1C23E835-DDF8-48C9-8390-17B09E6DD179}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{1D723493-E24C-4B7B-A6D3-B74E2CA86A4F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{1E64D4DE-1F95-4521-902D-776818E0B938}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{21EB2BA5-F740-4237-9BE8-382FB7EF3748}" = protocol=6 | dir=in | app=d:\crytek\crysis\bin32\crysis.exe |
"{226CD7DB-09C6-40E4-A646-E329F38483F9}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{26AF3EE6-AC47-4E3A-89FC-E7212689F632}" = protocol=17 | dir=in | app=d:\hra o tróny\steam.exe |
"{28067094-67EF-4C92-B1E4-F784C3E9C399}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{2981D341-E77E-4426-9BB8-981BD31CE3E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AEDA530-055E-4944-917E-151416414906}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{2DE7B56E-E8FB-4000-9437-27FE2F7A6C97}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2F1B0F9D-1B82-48B2-BED8-D0954FF81203}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{2F63FAB4-9EBD-404B-BCF6-FB5B1E8E9F80}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{2F977CAA-1263-49A2-AC19-679DCC9EFE4C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3001830F-6AB9-4431-9BDE-416454B9FAA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30892E82-A076-43FF-8568-E5FC00EC34BF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{30E12B02-134A-4182-ABA2-8F55AA4810D5}" = protocol=17 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"{3166E6FF-E6EE-4C22-B6A5-C1CB534E8244}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35B9AAC1-147B-4683-B64A-FE1D424A3FF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36CFB460-E035-4883-ABE9-E466BB28ADEC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{3D4C18A0-E919-4858-AE1F-9781C840A54C}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{3DBAED53-C190-4650-A2C7-4CE72CBE581C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{433BE290-5B41-4BD6-8F54-2D337BDC3CAC}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{446F24DA-3891-45DA-A93C-BE087B2426E4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4C27F1D5-56A6-43B4-BB50-E79C9C1A1DBA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C5ED4DA-9F8C-4F1B-85C5-A9875DDEAB48}" = protocol=17 | dir=in | app=d:\tom clancy's h.a.w.x\hawx_dx10.exe |
"{52CF836D-F7CF-486A-826A-A2BCC61FF68B}" = protocol=17 | dir=in | app=d:\gears of war\binaries\wargame-g4wlive.exe |
"{53117AAE-F9FF-40CE-AB9C-FA06FAAA39FC}" = protocol=17 | dir=in | app=d:\james cameron's avatar - the game\bin\avatar.exe |
"{53583866-C198-4E85-95EA-D5024E5259DC}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{56E10D4E-56A9-4175-AB08-D07646897764}" = protocol=17 | dir=in | app=d:\assassin's creed\assassinscreed_launcher.exe |
"{57327495-DF31-4919-8099-DAE03F84EA89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5889EB25-D8CE-408A-BAF1-9A6E32FF432E}" = protocol=6 | dir=in | app=d:\assassin's creed\assassinscreed_dx10.exe |
"{59B75187-8A8A-47C7-8633-49B8FA012EBD}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{5B0C24D5-F022-4651-9181-D31154036D4B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5DDB8DCD-7433-46BA-8158-303379A54546}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{5FE85D6B-8A6F-4002-98D0-EE0AF108BB78}" = protocol=17 | dir=in | app=d:\mass effect\binaries\masseffect.exe |
"{608265A8-80A1-4E9C-A7EF-201369EDC9DC}" = protocol=6 | dir=in | app=d:\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{614D194C-F1A7-4E08-B498-A7E07F35FE04}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe |
"{6CE9A421-9AF5-4B8A-B6C0-71C62AD78C25}" = protocol=6 | dir=in | app=d:\james cameron's avatar - the game\bin\avatar.exe |
"{6E497F36-B792-48CD-A986-461F05D82F5C}" = protocol=17 | dir=in | app=d:\crytek\crysis\bin32\crysis.exe |
"{6E81FA14-6122-435B-BAF7-684AA0168E29}" = protocol=6 | dir=in | app=d:\assassin's creed\assassinscreed_dx9.exe |
"{6FDB1665-1B88-49F1-8950-A630EC7C3FD8}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{7666C4F3-57EE-48C4-8175-5ECC3CD1E109}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{76B9437D-CE8E-49CA-AEE7-8313E6A70B81}" = protocol=17 | dir=in | app=d:\assassin's creed\assassinscreed_dx10.exe |
"{79C55D7A-E19C-4874-9CF9-DD8C73BC416A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{7AFE7BDF-FE9D-48F5-916C-09A4A4B70D6F}" = protocol=6 | dir=in | app=d:\hra o tróny\steam.exe |
"{7DA59DFF-EB15-4E6B-B56C-CA87432D076F}" = protocol=17 | dir=in | app=d:\battlefield 3™\bf3.exe |
"{7DA66225-0715-4C9F-A07D-DA1B12FB0F53}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{7E68D073-4C6B-4F75-A521-D15994A91719}" = protocol=6 | dir=in | app=d:\flatout ultimate carnage\fouc.exe |
"{84A0CEC6-32BD-4988-B7AB-726F15322410}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{880F9751-53DD-455E-9A00-039F2CAC7E3A}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{88D8561B-8D61-4D1E-A29E-CD7DB28DFAEB}" = protocol=17 | dir=in | app=d:\flatout ultimate carnage\fouc.exe |
"{898AB4AF-EFDC-47A0-AB82-A3075A0F4AA3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8B2B43FF-E7F9-4F84-806D-21D2C2B26667}" = protocol=17 | dir=in | app=c:\program files\rockstar games\max payne 3\playmaxpayne3.exe |
"{900DBFCE-7D14-453D-B10D-2FEEC4752F2E}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{90F3C274-66DA-4574-A899-3C77DD0F2987}" = protocol=6 | dir=in | app=c:\program files\rockstar games\max payne 3\playmaxpayne3.exe |
"{92761069-3584-4A50-9D7A-35E960AE8A30}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9884305D-412F-4B9B-8D0D-B7D942B605F4}" = protocol=6 | dir=in | app=d:\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{99FA06F3-D684-41FC-9409-4AE3EEF46220}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{9AB9AFB7-7C29-43FF-A58C-AC1A669449A0}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9B9D0566-95E9-404E-8E46-92A0577FB604}" = protocol=6 | dir=in | app=d:\mass effect\binaries\masseffect.exe |
"{9C401ABD-F567-41D2-A228-E6F44D7BD2B6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9D47F6F9-BEF6-429C-B787-130BB846F83A}" = protocol=6 | dir=in | app=d:\assassin's creed\assassinscreed_launcher.exe |
"{9FF6667C-6E19-4B21-8052-35D77CDF4ABB}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{A489B6BC-BF40-4DCD-9330-27BBC5A748C4}" = protocol=6 | dir=in | app=d:\mass effect\masseffectlauncher.exe |
"{A69E4521-A5D0-47E2-8059-C417BB990859}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{ACCDF1F2-3377-4FB7-AEB5-C3C23E088583}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD08FEED-E2ED-4E65-B680-058DA487D34E}" = protocol=17 | dir=in | app=d:\dragon age\bin_ship\daorigins.exe |
"{B16FCB74-3A8A-44AE-B7F5-8EB6B900F991}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B1E13597-0926-4710-845E-D4143C5F8B83}" = protocol=17 | dir=in | app=d:\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{B2A04EDD-1CA3-4287-B200-028252F3D0AD}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe |
"{B4C57032-E05E-4FB8-9A98-A8DAC47A2F8D}" = protocol=6 | dir=in | app=d:\dragon age\bin_ship\daupdatersvc.service.exe |
"{BC0DCFB0-9662-4A41-9B08-8C90CC8E1F59}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BDA7AD21-02EF-4A2A-B59F-601FEABF51DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE26F08A-95AE-46D4-B337-E24E0F63DA08}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{C0687050-FE5B-4F48-B2C4-D77EEE8FB2A4}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{C0AD2654-474B-4F4E-9D76-12BB0BF6B79E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C22D3424-3030-4702-B9A8-04D7E0EAB9AB}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{C4F338EE-125A-489D-ADE5-7634C3E1C30C}" = protocol=6 | dir=in | app=d:\tom clancy's h.a.w.x\hawx_dx10.exe |
"{C5A8DF78-BD61-4A3E-90E8-011F8EF450A2}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{CB54D7C4-B49E-4A5F-A59B-5068BFD9185A}" = protocol=6 | dir=in | app=d:\battlefield 3™\bf3.exe |
"{CC12FB4B-8C2C-4A4E-8540-A87E771B5C58}" = protocol=17 | dir=in | app=d:\fable iii\fable3.exe |
"{D744FB7F-3E39-4E69-84F7-D48D6568E1BF}" = protocol=6 | dir=in | app=d:\gears of war\binaries\wargame-g4wlive.exe |
"{DA9EC7E0-8E8A-451A-9556-FF6C4D1F7287}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0F4ECA3-AB06-4322-94F7-551CA846F336}" = protocol=17 | dir=in | app=d:\assassin's creed\assassinscreed_dx9.exe |
"{E4A8FE41-7EFF-4582-A291-B549F5D2097B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E5D2E8BC-5D7C-4207-871D-4AF0D6B3667B}" = protocol=17 | dir=in | app=d:\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{E68E046C-F845-4073-A331-3049F47DB4A3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{E7C5859F-869B-4E34-8E04-5506750F88D9}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{EC0418A3-7B75-4013-ACF2-0D2160ADCB63}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{EDA4564C-41AD-4C9D-8B08-4662FA7F12EB}" = protocol=6 | dir=out | app=system |
"{EEAF7E09-52BD-456B-99C1-6EEFDC248FE0}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{F1FA8392-7BFF-4C4E-B2E8-3DE07C735869}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{F4D48DCC-D03F-4C8E-B60C-B7FCAC881B74}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F5F3E8CD-C7E0-4BE0-A75F-1BEBCF3FD672}" = protocol=17 | dir=in | app=d:\transformers - war for cybertron\binaries\twfc.exe |
"{F6A7F39A-A8F7-45A6-B665-A56A88E3CC69}" = protocol=6 | dir=in | app=d:\transformers - war for cybertron\binaries\twfc.exe |
"{FB0A9A9E-C2EA-4BC4-A4F9-B021EDAD4DF3}" = protocol=6 | dir=in | app=d:\dragon age\daoriginslauncher.exe |
"TCP Query User{02FEECC4-ABE4-4B74-B1CE-11268B79980A}D:\cs1.6\valve\hl.exe" = protocol=6 | dir=in | app=d:\cs1.6\valve\hl.exe |
"TCP Query User{0446B4F7-9153-49B7-86B3-CA409A2B030B}C:\program files\the guild 2 renaissance\guildii.exe" = protocol=6 | dir=in | app=c:\program files\the guild 2 renaissance\guildii.exe |
"TCP Query User{0CBEB852-A1F6-4173-A23D-4C96477575DE}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0FC4F6C0-7D2C-46FA-B0C3-A2E7C50CC43F}D:\left4dead\hl2.exe" = protocol=6 | dir=in | app=d:\left4dead\hl2.exe |
"TCP Query User{11477C9B-6285-45D8-8DD5-6EA9EA93BD0A}D:\hunted the demon s forge\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=d:\hunted the demon s forge\binaries\win32\p4dftre.dll |
"TCP Query User{12ACDFE5-120B-459B-A82D-16F8A7AAB41A}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{14997AF4-98B2-4285-BC77-6C703E9C5160}D:\legendary\binaries\legendary.exe" = protocol=6 | dir=in | app=d:\legendary\binaries\legendary.exe |
"TCP Query User{1EE37CC4-CE0E-4F71-BC98-68FC83DCEFAF}D:\hunted the demon s forge\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=d:\hunted the demon s forge\binaries\win32\p4dftre.dll |
"TCP Query User{1F22AB54-244D-4B7D-BA64-91EDDFD4E8AA}D:\hra o tróny\steamapps\common\a game of thrones\agot.exe" = protocol=6 | dir=in | app=d:\hra o tróny\steamapps\common\a game of thrones\agot.exe |
"TCP Query User{2230B772-44D3-49EF-857D-C1CBA35B8723}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{26131C38-A03E-4CD2-ABEE-198FF72C0B3E}C:\program files\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{2A7184B6-22F0-4BC1-8B79-A41CA2E12F43}C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"TCP Query User{374F159B-9B1A-46A3-A23F-84A556030DF1}D:\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\f.e.a.r. 3\f.e.a.r. 3.exe |
"TCP Query User{3CA99B01-B351-4387-AD0D-4A4CF39D5838}D:\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=d:\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{400BEE9C-1EFC-4E9C-98B6-A5F57809C51A}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{453A17B5-FAFB-4D0D-B111-38A9B6A564FC}D:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{50CED49F-6BD2-46B2-92AB-661CEA4DDE1F}D:\soulstorm.exe" = protocol=6 | dir=in | app=d:\soulstorm.exe |
"TCP Query User{50FD8DB3-5CF4-4986-A239-2E8D05BFB925}D:\gears of war\binaries\wargame-g4wlive.exe" = protocol=6 | dir=in | app=d:\gears of war\binaries\wargame-g4wlive.exe |
"TCP Query User{52706D26-BE7D-466B-ACAE-F94F4E2924C6}D:\left4dead\hl2.exe" = protocol=6 | dir=in | app=d:\left4dead\hl2.exe |
"TCP Query User{5378237B-EBD1-45AE-8385-8E01A582EE76}D:\dowar2r\dow2.exe" = protocol=6 | dir=in | app=d:\dowar2r\dow2.exe |
"TCP Query User{5C63AA17-469D-4203-8A16-FF1D35AD5924}D:\dowar2r\dow2.exe" = protocol=6 | dir=in | app=d:\dowar2r\dow2.exe |
"TCP Query User{6110FC46-CFA3-48F7-8056-3E2098427F3D}D:\dead space\dead space.exe" = protocol=6 | dir=in | app=d:\dead space\dead space.exe |
"TCP Query User{618CE43A-FD74-4E93-89DF-1EF9F42A8A9F}D:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe" = protocol=6 | dir=in | app=d:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe |
"TCP Query User{62BCAFB9-0F26-4877-92CC-09EEDAE9F989}D:\warhammer® mark of chaos™\warhammer.exe" = protocol=6 | dir=in | app=d:\warhammer® mark of chaos™\warhammer.exe |
"TCP Query User{72828E72-31F0-4493-A3B9-FD7CB52C65D1}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{73502E09-E8F8-4060-81B5-2C724CED20FA}D:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe" = protocol=6 | dir=in | app=d:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe |
"TCP Query User{7749F181-1EFB-4D4D-8EA7-202A77D6A52C}D:\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"TCP Query User{791A684E-20D7-440C-AE08-2F05F16C8C4B}D:\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=d:\world_of_warplanes\wowplauncher.exe |
"TCP Query User{7DF25E2E-0AFD-4C30-8DB4-48A1661D84BA}D:\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\modern warfare 2\iw4mp.exe |
"TCP Query User{852C43AA-2130-4B49-B435-F3F3CBD0C096}C:\program files\overlord\overlord.exe" = protocol=6 | dir=in | app=c:\program files\overlord\overlord.exe |
"TCP Query User{8C74A088-3EB8-4B34-949C-18BEF81B39D1}D:\medal of honor pacific assault(tm)\mohpa.exe" = protocol=6 | dir=in | app=d:\medal of honor pacific assault(tm)\mohpa.exe |
"TCP Query User{8ED273F8-531D-4F44-B035-4FDCBC51A472}D:\armies of exigo\exigo.exe" = protocol=6 | dir=in | app=d:\armies of exigo\exigo.exe |
"TCP Query User{918A5C5B-6788-45AD-82F4-968EE230BE76}D:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{966EB251-A7ED-4213-AAF3-75A0274002B0}D:\stepmania 4\program\stepmania.exe" = protocol=6 | dir=in | app=d:\stepmania 4\program\stepmania.exe |
"TCP Query User{B7CAF3A2-14CD-4A14-9A54-BA91BF6A2B6F}D:\warhammer® mark of chaos™\warhammer.exe" = protocol=6 | dir=in | app=d:\warhammer® mark of chaos™\warhammer.exe |
"TCP Query User{BB40C4BA-A624-4FC2-B75E-31003FAD3B31}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{C6703817-9DE7-4530-B239-837F8770A24A}D:\dead space\dead space.exe" = protocol=6 | dir=in | app=d:\dead space\dead space.exe |
"TCP Query User{C69B31AD-46BC-426F-9725-4EF6C1A0160A}D:\overlord ii\overlord2.exe" = protocol=6 | dir=in | app=d:\overlord ii\overlord2.exe |
"TCP Query User{CA48E68C-03DF-48BE-90B8-9396910B1525}D:\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=d:\mortal kombat komplete edition\disccontentpc\mkke.exe |
"TCP Query User{D0F1072B-8B1F-454E-8FDB-A55A1173779A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{D7CA48E5-1725-41A3-A611-B3CA99B2ABDF}C:\program files\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{D8E1A0BA-0D36-4C5E-A005-7DF958099EA8}D:\medal of honor pacific assault(tm)\mohpa.exe" = protocol=6 | dir=in | app=d:\medal of honor pacific assault(tm)\mohpa.exe |
"TCP Query User{DB0F9202-B5D9-431F-B963-878E95EA312A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DF045C94-E91C-4287-BA86-E9F4FDABCB08}D:\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=d:\max payne 3\maxpayne3.exe |
"TCP Query User{E89FD11E-F513-4BB0-ADCF-A8D464B58FD2}D:\cs1.6\valve\hl.exe" = protocol=6 | dir=in | app=d:\cs1.6\valve\hl.exe |
"TCP Query User{EAC4895C-E75A-475C-A1B5-2E6479C5ABB3}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{EDF0B36B-876F-41F8-97B9-1A77F2C050FF}D:\legendary\binaries\legendary.exe" = protocol=6 | dir=in | app=d:\legendary\binaries\legendary.exe |
"TCP Query User{EF72AB79-A864-4C1E-98FA-B06235748E60}D:\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"TCP Query User{F91DF643-C2E8-4AB7-99FB-B0D49FEE2822}D:\air conflicts\ac.exe" = protocol=6 | dir=in | app=d:\air conflicts\ac.exe |
"TCP Query User{F989BDBB-3517-4AFE-BCA9-AC5084E6B70A}D:\overlord ii\overlord2.exe" = protocol=6 | dir=in | app=d:\overlord ii\overlord2.exe |
"UDP Query User{06CFB3B0-DB56-43C7-A8C2-5A3C6F20FA56}D:\hra o tróny\steamapps\common\a game of thrones\agot.exe" = protocol=17 | dir=in | app=d:\hra o tróny\steamapps\common\a game of thrones\agot.exe |
"UDP Query User{08B97632-C005-4362-8DB4-452D1F6EB6C3}D:\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=d:\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{15788799-96B4-4069-B8E1-E4B7B5D24981}D:\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=d:\mortal kombat komplete edition\disccontentpc\mkke.exe |
"UDP Query User{19723BA8-8009-4D57-8167-E29D59973CB7}D:\dowar2r\dow2.exe" = protocol=17 | dir=in | app=d:\dowar2r\dow2.exe |
"UDP Query User{2EBF5EA4-426D-4AC6-8084-146DC2318553}D:\gears of war\binaries\wargame-g4wlive.exe" = protocol=17 | dir=in | app=d:\gears of war\binaries\wargame-g4wlive.exe |
"UDP Query User{3053918E-2391-473B-B9C0-961E6582A671}D:\legendary\binaries\legendary.exe" = protocol=17 | dir=in | app=d:\legendary\binaries\legendary.exe |
"UDP Query User{358B3DEF-B4A1-4BCC-B881-5453DDD20A69}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{372C2F3B-E338-4B10-8801-DE823CB55D51}D:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe" = protocol=17 | dir=in | app=d:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe |
"UDP Query User{38208FAB-DCC8-4795-91D6-1DF61FF2C388}C:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"UDP Query User{4835C968-2113-473E-B212-A3D204CB2614}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{4E30E520-BEB0-4DDA-B9CF-AB057220D916}D:\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\modern warfare 2\iw4mp.exe |
"UDP Query User{5C6FEAA6-0EC6-4148-950A-99B141DD248D}D:\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"UDP Query User{5D4AA307-792F-4A3C-BE2A-956EA5DB01E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{633E53F0-D663-4AFF-9AB8-DB1F4C35A8B8}C:\program files\the guild 2 renaissance\guildii.exe" = protocol=17 | dir=in | app=c:\program files\the guild 2 renaissance\guildii.exe |
"UDP Query User{63E2C350-43D3-469A-B38B-69F9C230D622}D:\medal of honor pacific assault(tm)\mohpa.exe" = protocol=17 | dir=in | app=d:\medal of honor pacific assault(tm)\mohpa.exe |
"UDP Query User{64874C45-AFAA-4C35-936A-9B7C974BDFF4}D:\medal of honor pacific assault(tm)\mohpa.exe" = protocol=17 | dir=in | app=d:\medal of honor pacific assault(tm)\mohpa.exe |
"UDP Query User{6AE66E9B-8FF7-4ADD-AA31-6AE2CBEB5002}D:\dead space\dead space.exe" = protocol=17 | dir=in | app=d:\dead space\dead space.exe |
"UDP Query User{6D2CD15E-DD37-41E3-9B23-4EA92259E066}D:\armies of exigo\exigo.exe" = protocol=17 | dir=in | app=d:\armies of exigo\exigo.exe |
"UDP Query User{7B7DE397-BBE7-4CF0-86DA-5F729992F6EB}D:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{802A1C25-DA4C-4284-BDF0-9F54969F69B2}D:\overlord ii\overlord2.exe" = protocol=17 | dir=in | app=d:\overlord ii\overlord2.exe |
"UDP Query User{83945096-DAB4-493F-8D18-FDFE0D24649C}D:\dead space\dead space.exe" = protocol=17 | dir=in | app=d:\dead space\dead space.exe |
"UDP Query User{8CB17B12-7709-4FC5-BE23-E50C2F7C603C}D:\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=d:\max payne 3\maxpayne3.exe |
"UDP Query User{9463DF7C-1C70-460F-BFC0-FC5156107CEC}D:\air conflicts\ac.exe" = protocol=17 | dir=in | app=d:\air conflicts\ac.exe |
"UDP Query User{989BA79D-4180-46E9-A355-550FD34C4515}D:\legendary\binaries\legendary.exe" = protocol=17 | dir=in | app=d:\legendary\binaries\legendary.exe |
"UDP Query User{98F88F0D-2D94-4B5F-81A8-9656DE29FE1A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{A4E3CEC2-D308-40E7-9209-95D1D07A0F4B}C:\program files\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{AC3AC8A8-96EF-4BCD-9008-C22D1C8C9706}D:\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"UDP Query User{AF5F98C6-5C44-408B-913E-EB326B2E96FE}C:\program files\overlord\overlord.exe" = protocol=17 | dir=in | app=c:\program files\overlord\overlord.exe |
"UDP Query User{AF96B086-062D-4321-BECE-F772BF42DF02}D:\soulstorm.exe" = protocol=17 | dir=in | app=d:\soulstorm.exe |
"UDP Query User{B5F31387-2212-44C0-83EF-1CE482C6D837}D:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{BBC4D052-7E00-4944-8F20-7850B46D89BD}D:\cs1.6\valve\hl.exe" = protocol=17 | dir=in | app=d:\cs1.6\valve\hl.exe |
"UDP Query User{C42F2B9C-5963-4EE5-B2F8-0F874D33B8B9}D:\hunted the demon s forge\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=d:\hunted the demon s forge\binaries\win32\p4dftre.dll |
"UDP Query User{C7117BCE-15D7-4AC8-80B4-F44E4E208591}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{CD104174-34A6-4D3C-B75F-4A3463C13420}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{D2EEEBDA-A5FA-4A37-9CCB-D2819FAB0884}D:\f.e.a.r. 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\f.e.a.r. 3\f.e.a.r. 3.exe |
"UDP Query User{D651B1A1-A0E3-4665-8003-C8C39BED9442}D:\left4dead\hl2.exe" = protocol=17 | dir=in | app=d:\left4dead\hl2.exe |
"UDP Query User{D8952585-AF93-4966-86E1-23F048B3875E}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{D89CB49B-C735-48D6-8F60-4F8E25A5329E}D:\overlord ii\overlord2.exe" = protocol=17 | dir=in | app=d:\overlord ii\overlord2.exe |
"UDP Query User{D9A9D3AE-AAC2-479F-A788-ED0149DA60E0}D:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe" = protocol=17 | dir=in | app=d:\red orchestra 2 heroes of stalingrad\binaries\win32\rogame.exe |
"UDP Query User{DEB62561-977F-4569-A616-1EE76B93C0F7}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{DEE15F79-4AD3-463A-9FE5-3F3FFB907BBE}D:\stepmania 4\program\stepmania.exe" = protocol=17 | dir=in | app=d:\stepmania 4\program\stepmania.exe |
"UDP Query User{E25BE341-8E84-4377-9317-E6D8D76A7211}D:\left4dead\hl2.exe" = protocol=17 | dir=in | app=d:\left4dead\hl2.exe |
"UDP Query User{E4F9166D-8A15-42C7-AB7D-C5CB8E7D2B7A}D:\hunted the demon s forge\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=d:\hunted the demon s forge\binaries\win32\p4dftre.dll |
"UDP Query User{F0B92399-BE6D-4A4B-87F0-52F66B12025E}D:\warhammer® mark of chaos™\warhammer.exe" = protocol=17 | dir=in | app=d:\warhammer® mark of chaos™\warhammer.exe |
"UDP Query User{F174C0F4-625D-4A41-98C1-16B1D432B448}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{F3E097BC-0443-4C55-950D-E419385E2723}D:\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=d:\world_of_warplanes\wowplauncher.exe |
"UDP Query User{F4288154-AC29-431F-A8DD-782610D32D52}D:\dowar2r\dow2.exe" = protocol=17 | dir=in | app=d:\dowar2r\dow2.exe |
"UDP Query User{F7E17EE4-6FC3-4420-9964-790F4E710F3D}D:\cs1.6\valve\hl.exe" = protocol=17 | dir=in | app=d:\cs1.6\valve\hl.exe |
"UDP Query User{FD1B0ADC-9A05-4866-8D5E-75CE077012CA}C:\program files\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{FEA921F1-3DA8-4BE1-BDCE-63A9C454191A}D:\warhammer® mark of chaos™\warhammer.exe" = protocol=17 | dir=in | app=d:\warhammer® mark of chaos™\warhammer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03A92733-D26B-CBCD-52A1-56E31E612972}" = Catalyst Control Center Core Implementation
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04855393-0840-96C6-1834-2A6256F3D3C4}" = ccc-utility
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{106E3037-BFFF-0B66-7BAE-15E16C9DAB7A}" = CCC Help Turkish
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{124D0E28-CD55-490E-E551-7474F0965983}" = Catalyst Control Center Graphics Previews Common
"{133B19CF-2FDA-492C-07AD-FAE04DB76C99}" = ccc-core-static
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20533183-D42D-4261-A125-956736FBEA8C}" = Dawn of War - Soulstorm
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244F94E8-6801-3AEE-D5F8-8B0F66A323D6}" = CCC Help Chinese Standard
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord - Raising Hell
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{28B94253-5729-4C30-8DE4-F2A0A63149B0}" = OpenOffice.org 3.2
"{29498512-A137-4478-8691-922829F108DC}" = HP Deskjet 2050 J510 series Product Improvement Study
"{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"{2A2C6E16-0399-F5AE-B3A8-0990B2464E97}" = Catalyst Control Center Graphics Full New
"{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Activision(R)
"{301A4A22-ACBD-993D-682E-4B35F22467B6}" = Catalyst Control Center Graphics Light
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{322F75E0-71A3-4125-8EB3-761834EDC166}" = Eragon
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.455
"{34B9B494-EF4A-4592-87A8-BE40D0442E86}" = Dawn of War - Soulstorm
"{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = Dawn Of War
"{3735E172-6799-E37B-EA89-C6CA4190436B}" = ATI Catalyst Install Manager
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40A208DE-AE5A-F82C-962C-17050826751F}" = Catalyst Control Center Graphics Full Existing
"{41F706DC-FE6D-90AC-6B9A-F175388EBFA6}" = CCC Help Finnish
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{43CC74BB-CB4F-9DE7-5B86-0CB4E498DDAE}" = CCC Help Italian
"{49DCA97C-4D99-659C-AE2B-9CDCC227CEE3}" = CCC Help English
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E12BF0A-9A6B-B806-F589-1456DA35CFAA}" = CCC Help Spanish
"{5419A3D5-07EC-9C03-483F-41945F9F173C}" = CCC Help Swedish
"{5E5FF37B-81F4-FAE1-1BEB-2DCCB7D8AC21}" = CCC Help Chinese Traditional
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6717A421-DA2D-BC53-3C94-95235480B989}" = CCC Help Japanese
"{6889EE56-1816-4E89-94DF-9F56E7804039}_is1" = Counter-Strike 1.6 Non-Steam patch v36
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6E6FD4E4-A2FB-2404-6E46-7606B0913FF1}" = CCC Help Greek
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729C7781-11C8-783B-CC05-1AC359088502}" = CCC Help Czech
"{7492FE27-81F9-305D-44B8-7696ACBACA2A}" = CCC Help Russian
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{782AE8DA-30DA-44bd-BA9A-9F23B8A4AC79}" = pdfforge Toolbar v5.1
"{79DCE48C-3B7F-4071-AF33-7D35EC5EB312}" = OMEGA 16.52.00
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{7CA835ED-752D-0AD3-3DD1-DAFCD81E8E6A}" = CCC Help Danish
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{81C9B604-B3D0-82FB-E677-2D96CDFECEAB}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B1C8588-60C4-3650-D324-9404AEF01044}" = Catalyst Control Center Graphics Previews Vista
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90949E60-1E05-EAD9-A1B8-D0984F18224B}" = CCC Help Portuguese
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9D317B-610F-5B74-E001-FFF98C3393D8}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E6AD6CF-1EFF-43E4-86C4-5C00254C3D8E}" = WolfQuest
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Slovak
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B15930BE-C329-0B26-CE1E-E1E6D4A3EB20}" = CCC Help German
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C143B1EA-688C-35CE-34BE-88DFDBA4D0E6}" = Catalyst Control Center Localization All
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C6F8AFBD-C7D3-2934-DB48-1E2C92D7455B}" = CCC Help Hungarian
"{C99BB532-DD74-47DC-94E7-F3DAE52A86E6}" = ESET NOD32 Antivirus
"{D1543DF7-EF94-B6E7-643B-3543EA36F630}" = CCC Help French
"{D44EFA1A-5F04-DFB4-A3FF-A1A4D64556D0}" = CCC Help Korean
"{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}" = Devil May Cry 3 Special Edition
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DE56B690-A4EE-F806-6DEF-942EF3FB2E20}" = CCC Help Thai
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E654D1E3-B18B-4953-BFBC-F16227323E05}" = HP Deskjet 2050 J510 series Basic Device Software
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED27DC1A-550A-5F48-9303-9C0D9C179D42}" = CCC Help Norwegian
"{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}" = Palm Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3BD166A-8C88-438E-AB9B-3F4B0FFD044C}" = Prototype
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FDEB7B11-0631-4D77-9F96-E246CAA6C0ED}" = Warhammer® Mark of Chaos™
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ASIO4ALL" = ASIO4ALL
"BrowserCompanion" = BrowserCompanion
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CDCE6956-DD16-4F82-ACA0-E4C7BAD6B26A_is1" = Divinity II - DKS
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Darksiders II_is1" = Darksiders II
"Dishonored_is1" = Dishonored
"DivX Setup" = DivX Setup
"DMC Devi May Cry (c) Capcom_is1" = DMC Devi May Cry (c) Capcom version 1
"DoWar2R_is1" = DoWar2R
"Dračí oko" = Dračí oko
"Elantech" = ETDWare PS/2-x86 7.0.5.7_WHQL
"Elcomm" = Elcomm
"F.E.A.R. 3_is1" = F.E.A.R. 3
"FL Studio 10" = FL Studio 10
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"IL Download Manager" = IL Download Manager
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Transformers - War for Cybertron
"InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = Dawn Of War
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"Křižáci - Království nebeské_is1" = Křižáci - Království nebeské
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"NFS: Most Wanted" = NFS: Most Wanted CZ
"OpenAL" = OpenAL
"PinkVisual-126.002" = thriXXX PinkVisual-126.002
"POD-Bot 2.5" = POD-Bot 2.5
"Poser 6 Demo" = Poser 6 Demo
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Red Orchestra 2 Heroes of Stalingrad_is1" = Red Orchestra 2 Heroes of Stalingrad
"Rockstar Games Social Club" = Rockstar Games Social Club
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Searchqu Toolbar" = Searchqu Toolbar
"Sniper Elite V2_is1" = Sniper Elite V2
"Sniper Elite: Nazi Zombie Army_is1" = Sniper Elite: Nazi Zombie Army
"Sniper Ghost Warrior - Gold Edition_is1" = Sniper Ghost Warrior - Gold Edition
"Steam App 58550" = A Game of Thrones - Genesis
"StepMania 4" = StepMania 4 alpha 4 (remove only)
"stepmania.com1.0" = stepmania.com
"TabletDriver" = Trust Tablet Driver
"TeamViewer 8" = TeamViewer 8
"The Darkness II 1.00" = The Darkness II 1.00
"The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"vfd-ob" = VideoFileDownload
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Zaklínač rozšířená edice v1.5" = Zaklínač rozšířená edice v1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-112127421-3188988723-2501912363-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20. 3. 2013 13:15:45 | Computer Name = Dominik | Source = Application Hang | ID = 1002
Description = The program AIMII.exe version 1.3.28.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: b78 Start Time:
01ce258df372dbde Termination Time: 47 Application Path: D:\A.I.M. 2. Clan Wars\AIMII.exe

Report
Id:

Error - 20. 3. 2013 13:18:21 | Computer Name = Dominik | Source = Application Hang | ID = 1002
Description = The program AIMII.exe version 1.3.28.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: b08 Start Time:
01ce258e91c5ccc3 Termination Time: 10 Application Path: D:\A.I.M. 2. Clan Wars\AIMII.exe

Report
Id:

Error - 21. 3. 2013 15:58:49 | Computer Name = Dominik | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 22. 3. 2013 18:15:47 | Computer Name = Dominik | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 26. 3. 2013 5:31:06 | Computer Name = Dominik | Source = MSSOAP | ID = 16
Description = Soap error: Host not found..

Error - 26. 3. 2013 5:31:06 | Computer Name = Dominik | Source = MSSOAP | ID = 16
Description = Soap error: An unanticipated error occurred during the processing
of this request..

Error - 26. 3. 2013 5:31:06 | Computer Name = Dominik | Source = MSSOAP | ID = 16
Description = Soap error: Sending the Soap message failed or no recognizable response
was received.

Error - 26. 3. 2013 5:31:06 | Computer Name = Dominik | Source = MSSOAP | ID = 16
Description = Soap error: Unspecified client error..

Error - 26. 3. 2013 9:52:14 | Computer Name = Dominik | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 26. 3. 2013 9:52:14 | Computer Name = Dominik | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ Media Center Events ]
Error - 6. 6. 2012 10:28:07 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 16:28:07 - Chyba pripájania na Internet. 16:28:07 - Nebolo možné
spojiť sa so serverom..

Error - 6. 6. 2012 11:28:12 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 17:28:12 - Chyba pripájania na Internet. 17:28:12 - Nebolo možné
spojiť sa so serverom..

Error - 11. 6. 2012 6:48:23 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 12:48:23 - Chyba pripájania na Internet. 12:48:23 - Nebolo možné
spojiť sa so serverom..

Error - 11. 6. 2012 10:43:42 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 16:43:42 - Chyba pripájania na Internet. 16:43:42 - Nebolo možné
spojiť sa so serverom..

Error - 6. 7. 2012 21:34:12 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 3:34:12 - Chyba pripájania na Internet. 3:34:12 - Nebolo možné
spojiť sa so serverom..

Error - 6. 7. 2012 22:34:21 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 4:34:21 - Chyba pripájania na Internet. 4:34:21 - Nebolo možné
spojiť sa so serverom..

Error - 12. 7. 2012 14:20:09 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 20:20:09 - Chyba pripájania na Internet. 20:20:09 - Nebolo možné
spojiť sa so serverom..

Error - 12. 7. 2012 15:20:14 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 21:20:14 - Chyba pripájania na Internet. 21:20:14 - Nebolo možné
spojiť sa so serverom..

Error - 13. 7. 2012 13:30:38 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 19:30:38 - Chyba pripájania na Internet. 19:30:38 - Nebolo možné
spojiť sa so serverom..

Error - 13. 7. 2012 14:30:43 | Computer Name = Dominik | Source = MCUpdate | ID = 0
Description = 20:30:43 - Chyba pripájania na Internet. 20:30:43 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 15. 10. 2013 13:50:02 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:51:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:52:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:53:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:54:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:55:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:56:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:57:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:58:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2

Error - 15. 10. 2013 13:59:00 | Computer Name = Dominik | Source = Service Control Manager | ID = 7000
Description = Spustenie služby BitGuard zlyhalo kvôli nasledujúcej chybe: %%2


< End of report >

[vyosek]

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[Dominik20]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Ultimate x86
Ran by Urban on so 19. 10. 2013 at 23:38:07,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] web assistant updater
Successfully deleted: [Service] web assistant updater



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tdataprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\updatebho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\wit4ie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\blabbers
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-112127421-3188988723-2501912363-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-112127421-3188988723-2501912363-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsermngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\incredibar.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\i
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.incredibarhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\base64
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\prox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tdataprotocol.ctdata
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tdataprotocol.ctdata.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updatebho.timerbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updatebho.timerbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wit4ie.witbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wit4ie.witbho.2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchqu toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336d0c35-8a85-403a-b9d2-65c292c39087}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{fb697452-8ca4-46b4-98b1-165c922a2ef3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DA4E7C8E-0D94-4D5D-AD2B-A3E5DE59F6DA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}



~~~ Files

Successfully deleted: [File] "C:\Users\Urban\appdata\local\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Users\Urban\appdata\local\google\chrome\user data\default\bprotectorpreferences"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Urban\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Urban\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Urban\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Urban\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\bbrs_002.tb"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\pdfforge"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\Urban\appdata\locallow\utorrentcontrol2"
Successfully deleted: [Folder] "C:\Program Files\application updater"
Successfully deleted: [Folder] "C:\Program Files\browsercompanion"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\incredibar.com"
Successfully deleted: [Folder] "C:\Program Files\openapp"
Successfully deleted: [Folder] "C:\Program Files\pdfforge toolbar"
Successfully deleted: [Folder] "C:\Program Files\searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files\smartdl"
Successfully deleted: [Folder] "C:\Program Files\sweetim"
Successfully deleted: [Folder] "C:\Program Files\torntv.com"
Successfully deleted: [Folder] "C:\Program Files\tsearch"
Successfully deleted: [Folder] "C:\Program Files\utorrentcontrol2"
Successfully deleted: [Folder] "C:\Program Files\yourfiledownloader"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\Urban\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\Users\Urban\start menu\programs\browser manager"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Urban\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 19. 10. 2013 at 23:42:51,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Dominik20]

# AdwCleaner v3.008 - Report created 19/10/2013 at 23:48:35
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Urban - DOMINIK
# Running from : C:\Users\Urban\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BitGuard

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~Browser Manager
Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files\~Web Assistant
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Users\Urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
File Deleted : C:\Users\Urban\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\Urban\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\Windows\System32\Tasks\BitGuard
File Deleted : C:\Windows\System32\Tasks\YourFile Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{807ED16A-D8A7-4766-8F1C-C9096283D365}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{807ED16A-D8A7-4766-8F1C-C9096283D365}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile Update
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE67FBC0-302C-4930-A25C-B88B201755C2}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE67FBC0-302C-4930-A25C-B88B201755C2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKCU\Software\525788dbb739e548
Key Deleted : HKLM\SOFTWARE\525788dbb739e548
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Key Deleted : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v

[ File : C:\Users\Urban\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\Urban\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Urban\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [14723 octets] - [19/10/2013 23:46:50]
AdwCleaner[S0].txt - [15095 octets] - [19/10/2013 23:48:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15156 octets] ##########

[vyosek]

Udelejte novy sken pomoci OTL, postup stejny...