Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o preventivku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#16 Příspěvek od valdoDK »

Log OTL:

OTL logfile created on: 24.1.2014 23:42:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MrVopi\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

15,94 Gb Total Physical Memory | 13,34 Gb Available Physical Memory | 83,65% Memory free
18,32 Gb Paging File | 15,39 Gb Available in Paging File | 84,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,14 Gb Total Space | 15,45 Gb Free Space | 6,77% Space Free | Partition Type: NTFS

Computer Name: MRVOPI-PC | User Name: MrVopi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.01.24 23:30:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MrVopi\Desktop\OTL.exe
PRC - [2014.01.11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.01.07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014.01.07 22:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.11.07 13:11:57 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.11.07 07:35:17 | 000,249,856 | ---- | M] (My Digital Life Forums) -- C:\Windows\KMSServerService\KMS Server Service.exe
PRC - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.09.05 19:34:30 | 000,171,680 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2013.08.15 00:06:34 | 000,709,968 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.20 08:08:24 | 000,142,960 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
PRC - [2013.02.14 22:42:46 | 001,020,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
PRC - [2010.04.01 17:30:56 | 000,582,144 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE


========== Modules (No Company Name) ==========

MOD - [2014.01.11 11:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014.01.11 11:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014.01.11 11:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014.01.11 11:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014.01.11 11:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014.01.11 11:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2014.01.07 22:00:22 | 001,138,088 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013.12.12 23:04:18 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.12.12 23:04:14 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013.09.13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.09.13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.08.07 20:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.11.27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.11.27 10:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.11.23 05:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.11.14 12:59:48 | 002,274,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvwmi64.exe -- (NVWMI)
SRV:64bit: - [2013.11.08 04:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013.10.22 02:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013.10.19 06:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.10.09 00:49:16 | 000,247,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe -- (DellMgmtAgent)
SRV:64bit: - [2013.10.09 00:49:16 | 000,033,632 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe -- (DellMgmtServer)
SRV:64bit: - [2013.10.09 00:49:16 | 000,026,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe -- (DellMgmtLoader)
SRV:64bit: - [2013.10.04 09:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.09.21 06:38:15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.09.21 06:34:45 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.08.31 11:00:10 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013.08.28 06:09:58 | 000,472,400 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2013.08.22 20:11:18 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013.08.22 20:11:17 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013.08.22 20:05:40 | 001,044,872 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV:64bit: - [2013.08.22 20:05:40 | 000,037,768 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV:64bit: - [2013.08.22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013.08.22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 11:36:01 | 000,321,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2013.08.22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013.08.22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013.08.22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013.08.22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.08.22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013.07.19 10:39:00 | 000,641,232 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\PPO\poaService.exe -- (poaService)
SRV:64bit: - [2013.07.19 10:39:00 | 000,516,304 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\PPO\poaTaServ.exe -- (poaTaServ)
SRV:64bit: - [2013.07.19 10:39:00 | 000,277,712 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\PPO\poaSmSrv.exe -- (PoaSMSrv)
SRV:64bit: - [2013.06.19 04:18:38 | 000,246,488 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013.06.13 20:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013.05.12 02:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.05.12 02:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.04.30 16:10:27 | 002,486,272 | ---- | M] (Dell Inc.) [On_Demand | Stopped] -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe -- (DellDataVault)
SRV:64bit: - [2013.04.08 16:47:24 | 000,028,160 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2013.02.14 22:43:44 | 000,190,208 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe -- (ESHASRV)
SRV:64bit: - [2013.02.14 22:43:30 | 000,040,888 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2013.02.14 22:42:46 | 001,020,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2012.12.10 20:43:20 | 001,636,352 | ---- | M] (Security Innovation, Inc.) [Auto | Stopped] -- C:\Program Files\Dell\Dell Data Protection\TSS\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV:64bit: - [2012.08.30 00:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2011.07.28 14:50:16 | 000,519,536 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV:64bit: - [2010.02.11 02:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014.01.07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.11.07 13:11:57 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.11.07 07:35:17 | 000,249,856 | ---- | M] (My Digital Life Forums) [Auto | Running] -- C:\Windows\KMSServerService\KMS Server Service.exe -- (KMSServerService)
SRV - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.09.12 22:55:32 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.09.12 22:55:16 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.09.05 19:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.08.31 10:25:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.07.30 22:14:42 | 000,124,616 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe -- (SboxSvc)
SRV - [2013.07.30 22:14:40 | 002,947,856 | ---- | M] (Invincea, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe -- (InvProtectSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.20 08:08:24 | 000,142,960 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.01.14 23:49:58 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013.12.20 20:25:23 | 000,038,768 | ---- | M] (GN Netcom A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys -- (JabraDFU)
DRV:64bit: - [2013.11.11 03:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.11.09 12:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.11.07 08:23:02 | 000,591,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013.11.01 12:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.10.31 01:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.10.26 02:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.10.13 03:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.10.09 00:42:26 | 000,034,048 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CredFltL.sys -- (CredFltL)
DRV:64bit: - [2013.10.05 16:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.09.21 13:10:51 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.09.17 10:18:30 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.09.14 15:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.09.12 22:55:20 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013.08.27 22:35:14 | 002,261,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTDVHD64.sys -- (IntcAzAudAddService)
DRV:64bit: - [2013.08.22 20:11:19 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013.08.22 20:11:18 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.08.22 20:11:12 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013.08.22 20:11:12 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013.08.22 20:11:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013.08.22 20:11:12 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013.08.22 20:11:12 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.08.22 20:05:42 | 000,047,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:64bit: - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013.08.22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013.08.22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.08.22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013.08.22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.08.22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 12:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013.08.22 12:38:26 | 000,032,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthHfAud.sys -- (BthHFAud)
DRV:64bit: - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.08.05 18:24:36 | 000,093,432 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_Accel.sys -- (ST_ACCEL)
DRV:64bit: - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.07.20 02:40:50 | 000,186,784 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2FJ2w8x64.sys -- (O2FJ2RDR)
DRV:64bit: - [2013.07.19 10:39:00 | 000,021,264 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\POADrvr.sys -- (POADrvr)
DRV:64bit: - [2013.06.26 22:51:34 | 000,469,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d64x64.sys -- (e1dexpress)
DRV:64bit: - [2013.06.18 15:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013.06.16 14:38:16 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.05.23 07:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013.05.23 07:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013.05.23 07:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013.05.23 07:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013.05.22 00:04:30 | 000,496,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2013.04.29 21:13:21 | 000,023,312 | ---- | M] (Dell Computer Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellProf.sys -- (DellProf)
DRV:64bit: - [2013.04.22 21:38:44 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.04.10 00:16:52 | 000,183,016 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.02.19 23:22:32 | 003,868,160 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2013.02.05 00:49:00 | 000,141,304 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013.02.05 00:48:58 | 000,153,200 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013.02.05 00:48:56 | 000,217,000 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013.01.25 03:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.14 01:31:18 | 000,022,168 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.05.13 23:05:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2009.05.06 17:01:12 | 000,015,872 | ---- | M] (ROCCAT Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArvoFltr.sys -- (ArvoFltr)
DRV - [2013.07.30 22:14:42 | 000,202,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys -- (SboxDrv)
DRV - [2013.07.30 22:14:40 | 000,034,824 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys -- (InvProtectDrv)
DRV - [2012.12.29 21:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 5B CC 0F EC 07 CF 01 [binary data]
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\digitalpersona.com/ChromeDPAgent: C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MrVopi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\FirefoxExt\ [2013.11.07 03:30:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.12.15 13:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013.11.07 04:15:38 | 000,000,000 | ---D | M]

[2013.10.17 11:25:52 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - Extension: Dokumenty Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Disk Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: Kalend\u00E1r Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Box - 10GB of FREE storage = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.7_0\
CHR - Extension: AdBlock = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Arcane Legends = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido\1.0.2.2_0\
CHR - Extension: Kontrola po\u0161ty Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: DigitalPersona Extension = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab\1.3.0.5571_1\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.5.6_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [CSFTrayApp] "C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe" showtraymin File not found
O4:64bit: - HKLM..\Run: [DellPoaEvents] C:\Program Files\Dell\PPO\DellPoaEvents.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Fences] C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_PushButton] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-826929475-743330940-1988914792-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-826929475-743330940-1988914792-1001..\Run: [Arvo] C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE (ROCCAT)
O4 - HKU\S-1-5-21-826929475-743330940-1988914792-1001..\Run: [DellSystemDetect] C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms ()
O4 - HKU\S-1-5-21-826929475-743330940-1988914792-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..Trusted Domains: dell.com ([]* in Dôveryhodné lokality)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18735057-FAB0-45E8-90F1-8316B2001079}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26134379-5FA0-4381-AD01-DB6AC86F82B8}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe) - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2014.01.24 23:30:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MrVopi\Desktop\OTL.exe
[2014.01.24 09:31:35 | 000,000,000 | ---D | C] -- C:\Users\MrVopi\AppData\Local\next car game technology sneak peek
[2014.01.23 20:34:45 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.23 20:33:03 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\MrVopi\Desktop\FRSTLauncher.exe
[2014.01.23 20:32:07 | 002,077,696 | ---- | C] (Farbar) -- C:\Users\MrVopi\Desktop\FRST64.exe
[2014.01.22 22:24:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.22 15:59:36 | 000,000,000 | ---D | C] -- C:\Users\MrVopi\AppData\Roaming\Malwarebytes
[2014.01.22 15:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.22 15:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.22 15:59:17 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.01.22 15:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.22 15:58:21 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\MrVopi\Desktop\mbam-setup.exe
[2014.01.22 13:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.01.22 13:52:31 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
Nahoru
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#17 Příspěvek od valdoDK »

POKRACOVANIE OTL:

========== Files - Modified Within 7 Days ==========

[2014.01.24 23:43:09 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.24 23:42:40 | 000,131,072 | -HS- | M] () -- C:\CredSED.dat
[2014.01.24 23:41:47 | 000,000,568 | ---- | M] () -- C:\WINDOWS\tasks\MATLAB R2012b Startup Accelerator.job
[2014.01.24 23:41:44 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job
[2014.01.24 23:41:07 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014.01.24 23:41:05 | 808,157,181 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.24 23:30:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MrVopi\Desktop\OTL.exe
[2014.01.24 17:08:53 | 000,003,829 | ---- | M] () -- C:\Users\MrVopi\Desktop\bla.jpg
[2014.01.24 17:02:19 | 000,065,617 | ---- | M] () -- C:\Users\MrVopi\Desktop\sala.jpg
[2014.01.24 16:51:30 | 000,099,845 | ---- | M] () -- C:\Users\MrVopi\Desktop\frst.jpg
[2014.01.24 16:09:10 | 000,037,888 | ---- | M] () -- C:\Users\MrVopi\Desktop\tanky.exe
[2014.01.24 14:50:21 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014.01.24 14:17:21 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014.01.24 14:02:33 | 000,420,600 | ---- | M] () -- C:\Users\MrVopi\Desktop\vyletik2-mapa.jpg
[2014.01.24 14:00:17 | 000,097,587 | ---- | M] () -- C:\Users\MrVopi\Desktop\vyletik2-body.jpg
[2014.01.24 13:49:32 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.01.24 13:49:32 | 000,739,908 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014.01.24 13:49:32 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.01.24 13:49:32 | 000,151,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014.01.24 13:49:32 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.01.23 20:41:17 | 000,029,696 | ---- | M] () -- C:\Users\MrVopi\AppData\Local\MSGBOX.EXE
[2014.01.23 20:41:17 | 000,015,327 | ---- | M] () -- C:\Users\MrVopi\Desktop\LM.bat
[2014.01.23 20:33:17 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\MrVopi\Desktop\FRSTLauncher.exe
[2014.01.23 20:32:11 | 002,077,696 | ---- | M] (Farbar) -- C:\Users\MrVopi\Desktop\FRST64.exe
[2014.01.23 20:24:07 | 005,233,048 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.01.23 10:45:28 | 000,200,009 | ---- | M] () -- C:\Users\MrVopi\Desktop\sla.jpg
[2014.01.23 10:44:07 | 000,146,189 | ---- | M] () -- C:\Users\MrVopi\Desktop\SLA-OLA2.jpg
[2014.01.23 00:21:43 | 000,034,772 | ---- | M] () -- C:\Users\MrVopi\Desktop\SLA-OLA.jpg
[2014.01.23 00:12:46 | 000,823,330 | ---- | M] () -- C:\Users\MrVopi\Desktop\ius_diagramy_modely.pdf
[2014.01.22 22:24:18 | 001,236,282 | ---- | M] () -- C:\Users\MrVopi\Desktop\adwcleaner.exe
[2014.01.22 15:59:19 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.22 15:58:32 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\MrVopi\Desktop\mbam-setup.exe
[2014.01.22 14:43:01 | 000,487,335 | ---- | M] () -- C:\Users\MrVopi\Desktop\sem2014.pdf
[2014.01.22 14:42:35 | 000,070,633 | ---- | M] () -- C:\Users\MrVopi\Desktop\IUS_otazky.pdf
[2014.01.22 13:51:19 | 000,935,175 | ---- | M] () -- C:\Users\MrVopi\Desktop\RSITx64.exe
[2014.01.22 13:40:37 | 000,102,346 | ---- | M] () -- C:\Users\MrVopi\Desktop\timed-out.jpg
[2014.01.22 13:39:37 | 000,170,306 | ---- | M] () -- C:\Users\MrVopi\Desktop\ping.jpg
[2014.01.21 22:11:11 | 000,268,284 | ---- | M] () -- C:\Users\MrVopi\Desktop\daco IUS.jpg
[2014.01.21 21:56:04 | 000,170,867 | ---- | M] () -- C:\Users\MrVopi\Desktop\transformeris.jpg
[2014.01.21 17:58:06 | 065,331,637 | ---- | M] () -- C:\Users\MrVopi\Desktop\Best Of Majestic Casual Mix - 2012-2013 - Mix #3.mp3
[2014.01.21 10:28:43 | 000,100,912 | ---- | M] () -- C:\Users\MrVopi\Desktop\rotacie.jpg
[2014.01.21 08:35:24 | 000,066,132 | ---- | M] () -- C:\Users\MrVopi\Desktop\tabulka.jpg
[2014.01.20 22:09:52 | 000,014,515 | ---- | M] () -- C:\Users\MrVopi\Desktop\rol.jpg
[2014.01.20 21:46:43 | 002,088,999 | ---- | M] () -- C:\Users\MrVopi\Desktop\fotka.JPG
[2014.01.19 17:35:33 | 000,028,900 | ---- | M] () -- C:\Users\MrVopi\Desktop\party.png
[2014.01.19 17:35:33 | 000,000,132 | ---- | M] () -- C:\Users\MrVopi\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014.01.19 17:35:23 | 000,188,659 | ---- | M] () -- C:\Users\MrVopi\Desktop\party.psd
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.24 17:08:53 | 000,003,829 | ---- | C] () -- C:\Users\MrVopi\Desktop\bla.jpg
[2014.01.24 17:00:24 | 000,065,617 | ---- | C] () -- C:\Users\MrVopi\Desktop\sala.jpg
[2014.01.24 16:51:30 | 000,099,845 | ---- | C] () -- C:\Users\MrVopi\Desktop\frst.jpg
[2014.01.24 16:09:10 | 000,037,888 | ---- | C] () -- C:\Users\MrVopi\Desktop\tanky.exe
[2014.01.24 14:01:27 | 000,420,600 | ---- | C] () -- C:\Users\MrVopi\Desktop\vyletik2-mapa.jpg
[2014.01.24 14:00:17 | 000,097,587 | ---- | C] () -- C:\Users\MrVopi\Desktop\vyletik2-body.jpg
[2014.01.23 20:41:17 | 000,015,327 | ---- | C] () -- C:\Users\MrVopi\Desktop\LM.bat
[2014.01.23 20:34:24 | 000,029,696 | ---- | C] () -- C:\Users\MrVopi\AppData\Local\MSGBOX.EXE
[2014.01.23 10:45:28 | 000,200,009 | ---- | C] () -- C:\Users\MrVopi\Desktop\sla.jpg
[2014.01.23 10:44:07 | 000,146,189 | ---- | C] () -- C:\Users\MrVopi\Desktop\SLA-OLA2.jpg
[2014.01.23 00:21:43 | 000,034,772 | ---- | C] () -- C:\Users\MrVopi\Desktop\SLA-OLA.jpg
[2014.01.23 00:12:46 | 000,823,330 | ---- | C] () -- C:\Users\MrVopi\Desktop\ius_diagramy_modely.pdf
[2014.01.22 22:24:17 | 001,236,282 | ---- | C] () -- C:\Users\MrVopi\Desktop\adwcleaner.exe
[2014.01.22 15:59:19 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.22 14:43:00 | 000,487,335 | ---- | C] () -- C:\Users\MrVopi\Desktop\sem2014.pdf
[2014.01.22 14:42:35 | 000,070,633 | ---- | C] () -- C:\Users\MrVopi\Desktop\IUS_otazky.pdf
[2014.01.22 13:51:18 | 000,935,175 | ---- | C] () -- C:\Users\MrVopi\Desktop\RSITx64.exe
[2014.01.22 13:40:37 | 000,102,346 | ---- | C] () -- C:\Users\MrVopi\Desktop\timed-out.jpg
[2014.01.22 13:19:53 | 000,170,306 | ---- | C] () -- C:\Users\MrVopi\Desktop\ping.jpg
[2014.01.21 22:11:11 | 000,268,284 | ---- | C] () -- C:\Users\MrVopi\Desktop\daco IUS.jpg
[2014.01.21 21:56:04 | 000,170,867 | ---- | C] () -- C:\Users\MrVopi\Desktop\transformeris.jpg
[2014.01.21 17:53:35 | 065,331,637 | ---- | C] () -- C:\Users\MrVopi\Desktop\Best Of Majestic Casual Mix - 2012-2013 - Mix #3.mp3
[2014.01.21 08:35:24 | 000,066,132 | ---- | C] () -- C:\Users\MrVopi\Desktop\tabulka.jpg
[2014.01.20 22:09:52 | 000,014,515 | ---- | C] () -- C:\Users\MrVopi\Desktop\rol.jpg
[2014.01.20 22:09:27 | 000,100,912 | ---- | C] () -- C:\Users\MrVopi\Desktop\rotacie.jpg
[2014.01.20 21:46:38 | 002,088,999 | ---- | C] () -- C:\Users\MrVopi\Desktop\fotka.JPG
[2014.01.19 17:35:31 | 000,028,900 | ---- | C] () -- C:\Users\MrVopi\Desktop\party.png
[2014.01.19 17:35:21 | 000,188,659 | ---- | C] () -- C:\Users\MrVopi\Desktop\party.psd
[2014.01.15 20:42:29 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.12.26 23:46:41 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2013.12.23 21:23:44 | 000,000,132 | ---- | C] () -- C:\Users\MrVopi\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.12.14 13:53:18 | 000,314,656 | ---- | C] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2013.11.22 16:58:00 | 000,001,733 | ---- | C] () -- C:\Users\MrVopi\AppData\Local\SRDownloader.err
[2013.11.22 16:28:00 | 000,001,096 | ---- | C] () -- C:\Users\MrVopi\AppData\Local\SRDownloader.nast
[2013.11.11 10:14:11 | 000,000,600 | ---- | C] () -- C:\Users\MrVopi\AppData\Roaming\winscp.rnd
[2013.11.08 08:50:11 | 000,000,600 | ---- | C] () -- C:\Users\MrVopi\AppData\Local\PUTTY.RND
[2013.11.07 13:11:58 | 000,214,392 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2013.11.07 13:11:57 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013.11.07 03:30:00 | 000,000,390 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.11.07 03:29:58 | 000,000,206 | ---- | C] () -- C:\WINDOWS\hbcikrnl.ini
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.05.12 02:17:52 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013.11.07 04:00:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.23 12:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.23 09:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.12.27 00:02:44 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Atari
[2013.11.07 03:03:15 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Battle.net
[2013.12.19 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\CadSoft
[2013.11.22 02:09:56 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\DeskbandControls
[2013.11.07 03:38:04 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\DigitalPersona
[2013.11.28 14:57:40 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Doublefine
[2013.12.08 13:36:32 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\e-academy Inc
[2013.12.24 17:07:51 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\EAC
[2014.01.24 16:52:06 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\FileZilla
[2014.01.22 13:11:24 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\foobar2000
[2013.12.15 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Leadertech
[2013.11.24 14:33:55 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\LolClient
[2013.12.26 23:04:37 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Notepad++
[2013.11.07 03:50:16 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Origin
[2013.11.07 01:30:06 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\PCDr
[2013.11.23 18:29:24 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Riot Games
[2013.12.20 16:08:32 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Spotify
[2013.12.26 13:53:11 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Stardock
[2013.11.07 02:39:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Sublime Text 2
[2013.12.11 21:26:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Subversion
[2013.11.08 10:37:19 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\TeraCopy
[2013.11.20 21:55:31 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\TS3Client
[2013.12.27 00:34:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Ubisoft
[2014.01.07 03:42:54 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Unity
[2013.11.22 05:29:05 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\VitySoft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.08.22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.11.22 01:50:14 | 000,000,922 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job
[2013.12.08 04:31:31 | 000,000,926 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cef3c5fd03d909.job
[2013.12.11 21:23:32 | 000,000,568 | ---- | C] () -- C:\WINDOWS\Tasks\MATLAB R2012b Startup Accelerator.job

< >

< MD5 for: ATAPI.SYS >
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013.08.22 13:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013.08.22 12:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\WINDOWS\SysNative\autochk.exe
[2013.08.22 12:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2013.08.22 05:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\SysWOW64\autochk.exe
[2013.08.22 05:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013.08.22 09:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2013.10.22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013.10.22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013.11.13 06:43:10 | 000,203,518 | ---- | M] () MD5=215DD98F69B5D69E6F0BF2EF3818506B -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2013.11.21 15:00:43 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013.10.22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013.10.22 08:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013.11.21 17:37:56 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2013.11.13 06:09:18 | 000,275,235 | ---- | M] () MD5=F34060643B62C288757F9F0D75A07877 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe

< MD5 for: HAL.DLL >
[2013.09.21 12:04:00 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=7DEA8CDADD23BBFFC8C47EFE6AF11328 -- C:\WINDOWS\SysNative\hal.dll
[2013.09.21 12:04:00 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=7DEA8CDADD23BBFFC8C47EFE6AF11328 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2013.11.13 06:09:31 | 000,037,857 | ---- | M] () MD5=BB4F33698071C6FCAFD573E80ADEFFB8 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16384_none_9be752af2da13dc9\hal.dll

< MD5 for: SCECLI.DLL >
[2013.08.22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013.08.22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013.08.22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013.08.22 10:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SERVICES.EXE >
[2013.08.22 14:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013.08.22 14:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe

< MD5 for: SVCHOST.EXE >
[2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2013.08.22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013.08.22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2013.11.13 06:39:27 | 000,398,545 | ---- | M] () MD5=0547699BA453E88755EA60013D8F31DA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16384_none_a3dc725d3a5d476a\tcpip.sys
[2013.11.05 21:12:19 | 002,551,128 | ---- | M] (Microsoft Corporation) MD5=3D9A5AC880D7AA2305812D665D24ED23 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2013.11.05 21:12:19 | 002,551,128 | ---- | M] (Microsoft Corporation) MD5=3D9A5AC880D7AA2305812D665D24ED23 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2013.10.08 11:13:33 | 002,551,640 | ---- | M] (Microsoft Corporation) MD5=6617F44D2432C529B2249A0498B6B40A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2013.11.21 17:35:02 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013.08.22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013.08.22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013.08.22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013.08.22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.08.22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013.08.22 10:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[29 C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[11 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.24 17:08:47 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\AccurateRip
[2013.12.06 02:23:39 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Adobe
[2013.11.14 19:17:41 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Apple Computer
[2013.12.27 00:02:44 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Atari
[2013.11.07 03:03:15 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Battle.net
[2013.12.19 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\CadSoft
[2014.01.15 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\CodeBlocks
[2013.11.22 02:09:56 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\DeskbandControls
[2013.11.07 03:38:04 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\DigitalPersona
[2013.11.28 14:57:40 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Doublefine
[2013.12.01 23:51:31 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\dvdcss
[2013.12.08 13:36:32 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\e-academy Inc
[2013.12.24 17:07:51 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\EAC
[2014.01.24 16:52:06 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\FileZilla
[2014.01.22 13:11:24 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\foobar2000
[2013.11.19 01:18:56 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\InstallShield
[2013.12.15 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Leadertech
[2013.12.15 13:08:14 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Logishrd
[2013.12.15 13:08:44 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Logitech
[2013.11.24 14:33:55 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\LolClient
[2013.11.07 01:07:26 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Macromedia
[2014.01.22 15:59:36 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Malwarebytes
[2013.12.11 21:26:18 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\MathWorks
[2013.12.11 21:23:31 | 000,000,000 | --SD | M] -- C:\Users\MrVopi\AppData\Roaming\Microsoft
[2013.12.26 23:04:37 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Notepad++
[2013.12.03 01:44:16 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\NVIDIA
[2013.11.07 03:50:16 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Origin
[2013.11.07 01:30:06 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\PCDr
[2013.11.23 18:29:24 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Riot Games
[2013.12.10 04:25:38 | 000,000,000 | RH-D | M] -- C:\Users\MrVopi\AppData\Roaming\SecuROM
[2014.01.07 03:38:28 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Skype
[2013.12.20 16:08:32 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Spotify
[2013.12.26 13:53:11 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Stardock
[2013.11.07 02:39:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Sublime Text 2
[2013.12.11 21:26:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Subversion
[2013.11.08 10:37:19 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\TeraCopy
[2013.11.20 21:55:31 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\TS3Client
[2013.12.27 00:34:21 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Ubisoft
[2014.01.07 03:42:54 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\Unity
[2013.11.22 05:29:05 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\VitySoft
[2014.01.23 23:24:19 | 000,000,000 | ---D | M] -- C:\Users\MrVopi\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2013.12.15 13:08:43 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\MrVopi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2013.12.08 13:36:32 | 000,009,662 | R--- | M] () -- C:\Users\MrVopi\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_112D608FD02CD87FDC7735.exe
[2013.12.08 13:36:32 | 000,009,662 | R--- | M] () -- C:\Users\MrVopi\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_79D2A80A4D5E408F6C77D2.exe
[2013.12.08 13:36:32 | 000,009,662 | R--- | M] () -- C:\Users\MrVopi\AppData\Roaming\Microsoft\Installer\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}\_853F67D554F05449430E7E.exe
[2013.12.16 12:23:59 | 005,951,488 | ---- | M] (Spotify Ltd) -- C:\Users\MrVopi\AppData\Roaming\Spotify\spotify.exe
[2013.12.16 12:23:59 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Users\MrVopi\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2013.12.16 12:23:57 | 000,610,304 | ---- | M] () -- C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2013.12.16 12:23:57 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\MrVopi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.01.24 23:41:44 | 000,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job
[2013.12.08 04:31:31 | 000,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cef3c5fd03d909.job
[2014.01.24 23:41:47 | 000,000,568 | ---- | M] () -- C:\WINDOWS\Tasks\MATLAB R2012b Startup Accelerator.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.24 14:17:21 | 000,214,392 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.ex0
[2014.01.24 14:50:21 | 000,214,392 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DellSystemDetect" = C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms -- [2013.11.07 01:17:41 | 000,000,370 | ---- | M] ()
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2014.01.07 22:00:20 | 001,815,464 | ---- | M] (Valve Corporation)
"Arvo" = "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" -- [2010.04.01 17:30:56 | 000,582,144 | ---- | M] (ROCCAT)
"AdobeBridge" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.08.22 06:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.01.11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) MD5=3B0BA44D5691E00088B956394FDE64B6 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2010.10.08 11:10:04 | 000,000,254 | ---- | M] () -- \Program Files\MATLAB\R2012b\resources\pde\en\crackg.xml
[2001.02.09 12:03:10 | 000,000,483 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\pde\crackb.m
[2010.10.08 12:14:22 | 000,002,865 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\pde\crackg.m
[2005.03.07 12:35:58 | 000,000,091 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\pde\ja\crackb.m
[2005.03.07 12:35:58 | 000,000,582 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\pde\ja\crackg.m
[2014.01.06 01:02:56 | 000,003,072 | ---- | M] () -- \Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2014.01.06 01:02:56 | 000,003,608 | ---- | M] () -- \Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
[2013.11.22 05:29:05 | 000,005,592 | ---- | M] () -- \Users\MrVopi\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >

< *loader* /s >
[2012.03.13 12:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.11.19 19:11:33 | 000,064,000 | ---- | M] () -- \Program Files (x86)\Assassins Creed IV Black Flag\uplay_r1_loader.dll
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.09.13 19:51:30 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.05.09 01:43:22 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 01:43:22 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.10.11 17:46:22 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\de\static\loader.gif
[2012.10.11 17:46:18 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\en\static\loader.gif
[2012.10.11 17:46:20 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\es\static\loader.gif
[2012.10.11 17:46:22 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\fr\static\loader.gif
[2012.10.11 17:46:22 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\ja\static\loader.gif
[2012.10.11 17:46:20 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\pt\static\loader.gif
[2012.10.11 17:46:20 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\ru\static\loader.gif
[2012.10.11 17:46:18 | 000,007,364 | ---- | M] () -- \Program Files (x86)\Dell\ClientSystemUpdate\Help\zh-CN\static\loader.gif
[2013.05.28 22:02:58 | 000,000,118 | ---- | M] () -- \Program Files (x86)\GRID 2\audio\audio_loader.xml
[2011.07.18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2013.06.04 19:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 19:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 19:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 19:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2009.12.23 21:21:28 | 000,069,632 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Cryptic Studios\Neverwinter\Live\PhysXLoader.dll
[2013.12.27 00:36:26 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.03.13 12:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.05.09 01:43:22 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 01:43:22 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.10.09 00:49:16 | 000,026,464 | ---- | M] () -- \Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
[2013.04.12 01:31:32 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\de\static\loader.gif
[2013.04.12 01:31:30 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\en\static\loader.gif
[2013.04.12 01:31:32 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\es\static\loader.gif
[2013.04.12 01:31:32 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\fr\static\loader.gif
[2013.04.12 01:31:32 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\ja\static\loader.gif
[2013.04.12 01:31:30 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\pt\static\loader.gif
[2013.04.12 01:31:32 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\ru\static\loader.gif
[2013.04.12 01:31:30 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PowerManager\Help\zh-CN\static\loader.gif
[2013.07.19 10:38:54 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\de\static\loader.gif
[2013.07.19 10:38:54 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\en\static\loader.gif
[2013.07.19 10:38:56 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\es\static\loader.gif
[2013.07.19 10:38:56 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\fr\static\loader.gif
[2013.07.19 10:38:56 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\ja\static\loader.gif
[2013.07.19 10:38:58 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\pt\static\loader.gif
[2013.07.19 10:38:58 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\ru\static\loader.gif
[2013.07.19 10:38:58 | 000,007,364 | ---- | M] () -- \Program Files\Dell\PPO\DCSU\help\zh-CN\static\loader.gif
[2012.07.20 18:50:48 | 000,000,816 | ---- | M] () -- \Program Files\MATLAB\R2012b\bin\registry\dotnetcli_loader.xml
[2012.08.22 22:34:56 | 000,009,216 | ---- | M] () -- \Program Files\MATLAB\R2012b\bin\win64\dotnetcli_loader.dll
[2012.07.20 18:49:26 | 000,012,619 | ---- | M] () -- \Program Files\MATLAB\R2012b\help\datafeed\rdthloader.html
[2012.07.20 18:49:26 | 000,012,830 | ---- | M] () -- \Program Files\MATLAB\R2012b\help\datafeed\rnseloader.html
[2009.09.21 06:46:08 | 000,015,003 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\AutoLoader.pm
[2005.09.12 13:21:36 | 000,000,727 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\ByteLoader.pm
[2010.01.26 22:16:30 | 000,027,274 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\DynaLoader.pm
[2008.10.25 14:58:38 | 000,017,776 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\SelfLoader.pm
[2010.01.26 22:16:30 | 000,010,882 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\XSLoader.pm
[2010.01.26 22:18:04 | 000,032,875 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\auto\ByteLoader\ByteLoader.dll
[2008.06.07 07:04:56 | 000,001,378 | ---- | M] () -- \Program Files\MATLAB\R2012b\sys\perl\win32\lib\Locale\Maketext\GutsLoader.pm
[2011.12.06 12:22:52 | 000,008,949 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\datafeed\datafeed\rdthloader.m
[2012.03.23 13:56:10 | 000,008,719 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\datafeed\datafeed\rnseloader.m
[2012.03.07 16:36:18 | 000,098,816 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\imaq\imaqextern\drivers\win64\genicam\GenICam_v2_3\bin\Win64_x64\GenApi\Generic\XMLLoader_MD_VC80_v2_3.dll
[2010.01.31 22:11:52 | 000,011,380 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\instrument\instrument\private\privateIviComLoader.m
[2008.10.08 12:14:06 | 000,000,257 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\local\classloader.txt
[2012.07.20 20:37:14 | 000,000,539 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\simulink\simulink\+Simulink\+sdi\@SimulinkModelLoader\SimulinkModelLoader.p
[2012.07.20 20:37:28 | 000,000,535 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\stm\stm\+stm\SimulinkModelLoader.p
[2012.07.21 09:40:44 | 000,032,256 | ---- | M] () -- \Program Files\MATLAB\R2012b\toolbox\symbolic\symbolic\mupadmexunloader.mexw64
[2013.08.22 20:13:14 | 000,000,930 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013.08.22 20:11:47 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013.08.22 20:11:48 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013.08.22 20:11:48 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013.08.22 20:13:21 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.12.18 14:29:40 | 000,054,211 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.338.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.10.10 02:07:12 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.10.10 02:07:12 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.10.10 02:07:12 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.10 02:07:12 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.10.10 02:07:12 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.23 18:35:49 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.58\deploy\assets\storeImages\layout\small_loader.gif
[2013.10.10 02:07:12 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.10.10 02:07:12 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.10.10 02:07:12 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.10 02:07:12 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.10.10 02:07:12 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.12.23 18:30:06 | 000,001,733 | ---- | M] () -- \Users\MrVopi\AppData\Local\SRDownloader.err
[2013.12.26 23:13:15 | 000,001,096 | ---- | M] () -- \Users\MrVopi\AppData\Local\SRDownloader.nast
[2013.12.23 17:33:08 | 000,002,545 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\IE\6IDV1MCC\loader-79aca8e96b75987edec10b1fea88163b[1].gif
[2013.12.20 18:41:21 | 000,110,991 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\IE\EWYT9PZ9\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2013.12.20 18:41:21 | 000,001,537 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\IE\WFAO41QB\AdLoader[1].htm
[2013.12.16 20:47:30 | 000,003,061 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\IE\WFAO41QB\rmsloaderdelayeddiv[1].js
[2014.01.02 19:54:29 | 000,256,784 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\Low\IE\SXKH5S9H\cssloader-8142c07e6d5c[1].css
[2014.01.02 19:54:29 | 000,102,242 | ---- | M] () -- \Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\Low\IE\SXKH5S9H\jsloader-b797cdacfc0b[1].js
[2013.11.22 16:27:49 | 000,905,728 | ---- | M] () -- \Users\MrVopi\Desktop\SRDownloader.exe
[2013.11.25 20:36:15 | 000,017,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\86595041cdd4a8de0981e371e374962c\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2013.11.25 20:36:15 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\86595041cdd4a8de0981e371e374962c\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119150000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119150000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119150000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119150000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.11.25 20:35:46 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2013.12.26 23:03:35 | 000,073,068 | ---- | M] () -- \Windows\Prefetch\SRDOWNLOADER.EXE-11FAFF11.pf
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 15:52:34 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2013.08.22 15:52:33 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2013.08.22 12:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013.08.22 14:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 12:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 12:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 12:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 12:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 12:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 12:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2013.11.08 10:29:59 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2013.11.13 06:52:03 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winload.efi.mui_35ee487d
[2013.11.13 06:52:03 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winload.exe.mui_3bc5b827
[2013.11.13 06:52:03 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winresume.efi.mui_f412814e
[2013.11.13 06:52:03 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089_winresume.exe.mui_ff8b5358
[2013.08.22 20:09:46 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2013.11.13 06:52:03 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winload.efi.mui_35ee487d
[2013.11.13 06:52:03 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winload.exe.mui_3bc5b827
[2013.11.13 06:52:03 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winresume.efi.mui_f412814e
[2013.11.13 06:52:03 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winresume.exe.mui_ff8b5358
[2013.12.14 13:11:15 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2013.12.19 14:27:35 | 000,716,508 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winload.efi_75834aa0
[2013.12.19 14:27:36 | 000,653,334 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winload.exe_75835076
[2013.12.19 14:27:37 | 000,640,528 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winresume.efi_85cd069f
[2013.12.19 14:27:37 | 000,581,014 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62_winresume.exe_85cd1215
[2013.08.22 16:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013.11.08 10:28:56 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2013.08.22 20:08:49 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2013.08.22 16:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013.11.07 08:19:17 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013.11.07 08:18:48 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013.12.14 12:29:53 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013.08.22 14:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 14:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 14:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\MrVopi\SkyDrive:ms-properties

< End of report >
Nahoru
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#18 Příspěvek od valdoDK »

LOG EXTRAS:

OTL Extras logfile created on: 24.1.2014 23:42:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MrVopi\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

15,94 Gb Total Physical Memory | 13,34 Gb Available Physical Memory | 83,65% Memory free
18,32 Gb Paging File | 15,39 Gb Available in Paging File | 84,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,14 Gb Total Space | 15,45 Gb Free Space | 6,77% Space Free | Partition Type: NTFS

Computer Name: MRVOPI-PC | User Name: MrVopi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08FD7982-2EF0-40EC-84FB-A2D28FF852C7}" = lport=445 | protocol=6 | dir=in | app=system |
"{0D3DCF7E-88A0-4B58-88D2-2D450FC7AA4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DB5C269-C56A-4248-B3B3-C018E214BE35}" = rport=445 | protocol=6 | dir=out | app=system |
"{11EEA21B-0CB6-4C93-B9D2-74B313FC28AF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{18925BDD-1F7C-48D0-867F-EE1B25E976B4}" = lport=138 | protocol=17 | dir=in | app=system |
"{1E904C3C-C6CC-4E0D-B8E4-889483D58B79}" = lport=139 | protocol=6 | dir=in | app=system |
"{2ED90F58-B99B-4936-A2DB-D27D13148C72}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3221DCA4-EFB7-4D66-B7B6-626B2E06C4D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{40D091AB-E1B2-4FDD-B7AA-3AD50FD11635}" = rport=137 | protocol=17 | dir=out | app=system |
"{53C664DD-4FD9-4B7D-BA57-FFBD008C903D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59440613-836D-47CA-88D3-7A7973991F87}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5C4129DB-5BEB-43D5-8391-E90FC783C64B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5EBF2FBB-F03F-4B33-97B4-4F693B37E7DA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{73201BD7-CE12-4972-B938-9DAD3625D71E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7CF80F7D-E41F-4550-AE78-6158E48B4B91}" = rport=139 | protocol=6 | dir=out | app=system |
"{7F6ED4C1-033C-4FA3-BE7C-D0FD5D85A296}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8457B46D-FF1A-4FEA-8755-DF79BAF87EA9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90498D3A-F48A-4126-9D93-8C576C0A4325}" = rport=138 | protocol=17 | dir=out | app=system |
"{98E3DF5E-EC9B-42BD-A749-AFF7CB23B0D3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{B0F02C9A-185C-49C5-AA89-87AA6BFC3DF4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BB4D7726-FCC6-4AB5-B54C-64A049025E84}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EAB0D384-4CC1-4230-8ABB-E14A56EA5C51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00320635-47D2-44CF-BD28-63A4A1CDA96E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{00DBE00F-2A66-4039-AA4A-05DA0F14F47B}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{02183EFA-083D-4FE9-BC99-024CA729ACDF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{02538A1A-0524-4F0D-B6FF-7829B75A6DA3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0858E75F-BA4E-488C-B591-A763A1B0766A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0A75C8B9-4833-470B-8044-23985E7655AD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{0BE07293-A53C-433F-B26D-8A70C331D204}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{0D3F6CED-4A43-42AF-B1AA-0C06F8E964B9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0E15B6C9-F8D8-419F-8008-AE9B6B099CF4}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{0EFAE3D6-40AE-437B-8C58-1F08395A7E43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12D9558D-4580-40EC-9490-14E8EAC974DE}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{15DFD701-4F44-47BF-8FFA-276417DE1F32}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1683C845-7242-4EF7-B5C0-812D454E7F67}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{1763A487-3872-42D8-9C83-C033E9D9F6CA}" = dir=out | name=hp printer control |
"{18662728-29D8-4FF1-8936-EE6284ADB33F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1A716289-537F-4C52-996E-3D9C385EB9AF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1D10E901-883F-4357-82C9-08B2F6BAFDBE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{2144C6F7-37F9-4180-8C7A-B932862E519A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{228B08C1-C946-4AE6-9C2D-669758C63C6C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{2623BA29-42F3-4FDB-8240-4004B4C080D9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{26B22A35-70EB-4F9A-92C8-B3F8FADB17FC}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{27450568-C2A9-48D7-83F2-0882A0AEC707}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{28008CA1-D61C-4E5D-8405-6B1F21DB49C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{28A46146-44E1-444D-8B1B-B9954289E32F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{29B4BE1C-9CCD-4667-8136-07E0D0011385}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{2A75E02F-4B34-4342-A6E6-784852DB1929}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{2A8BB890-FFAF-48ED-9E45-F82DDFCE3778}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thecave\cave.exe |
"{2C308295-9B83-4772-BD50-A743E988DF6A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2DC51390-B0EF-4CE4-B8B6-65B8365ED3CF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{2DC87A04-C746-41E9-9467-742E4F3BBD6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"{2E28A43B-161C-4AB4-929B-3645EF8A6ADD}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{31107B6E-EC6D-40E2-9F4D-41DAEEE6A482}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{32321887-319C-40CF-B3BE-D0E799424783}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{337D2126-4720-48D4-A991-2890A4339D23}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{342D484A-65EC-4463-AA87-0CB998A8D9BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{349801D1-E821-42EA-9F9F-3D1690B38F7D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{3686CD13-B7D2-4F42-B8F7-70FBB1799497}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{37458DF0-CE58-4EF5-818E-D8953B2FC606}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{380B51C6-80AE-478E-A991-FB7F545880B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\next car game sneak peek 2.0\next car game technology sneak peek.exe |
"{38C01D70-6245-4601-9AB5-50B3183AD2A1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{394400C3-21BB-48DB-BC4F-2825E344BC46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A7274E7-C58C-44A6-BD2C-69E04F91CBF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{3A7AB5C1-DA8B-4766-B4A9-75CBDDFD6797}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{3AE9711E-FB95-4D61-ABF2-6C2B57803717}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{3DC2F601-3ECE-4064-BCAD-29F7EB9DCF45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{439EC4E7-8525-4B1B-9D7A-5C09209285EB}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{44AA0C6D-7F52-4168-B534-8AB82CAD9359}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{454D8E34-90C5-4EA0-B9E4-B69DBC661861}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47C3A2E6-FA50-46B8-9D1F-36C652D62E9E}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{486692DF-AB2C-47F3-BBDC-6BF309886828}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"{4882CD94-4DE5-4575-A952-9D2770F3F4B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{4891C8E6-FF2C-4BFA-B757-B509BC70B54F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{48A20504-A901-4276-B105-2B18DDE60D27}" = dir=out | name=@{microsoft.zunemusic_2.2.444.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{4CE4C603-EDA9-4947-8AAD-9CD8765584B5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4CED6271-BC35-4A12-827A-75C458B73BB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{4EA657E4-41C8-4CC3-80E9-02D7E2B8897C}" = dir=in | name=project spark |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54D40270-1C41-452C-92EF-53DF1FC2BDFB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{55434572-2F19-4C01-B576-C5B3347ED302}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55915E7A-E5D3-4B7A-B150-68BBF157B5C0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{55BE0019-1BDF-4FFE-9217-4E78C78E6FCA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{573CB270-EF7D-45FD-8D08-3969BCC9F7BF}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{59974DBA-403D-46DB-AA3B-3A583A2D0C1D}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{59EB8CE0-2A2D-4322-8B33-25B1264081BD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5A9934EE-6C9E-47DA-885B-B60EDAAAAC15}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{5DA07D37-630F-4F1A-BCCF-435DFFBF65E0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{5DEAE50F-D20E-48FB-995C-7E0E517BDAA2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60725EBF-767B-4F17-A04C-F2045E16493B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter.exe |
"{62D8043A-AB1B-4F25-9BD2-21D151A4CF34}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{65A9298C-4ACE-4F62-8F06-A067E22896A2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6877BD65-4877-4170-A5B6-2C20F05330DA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{69A6285D-2532-449D-A3BA-8C3446997332}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thecave\cave.exe |
"{6B99ADBE-F617-4C2B-9EAB-3E0F070F6E10}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2417\agent.exe |
"{6E75D002-9D42-46C1-9017-20A40142EB69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7026C2A3-F68B-4363-BE49-8920479DDA1D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{7059B1A2-5327-4C5B-94C7-19E89E9225D2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{74464B9C-E395-4BDF-B02E-7B97CD539049}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{7DE7143E-D30A-4435-88FB-6F4539BEEEDA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{82C0DC49-B326-4C90-84F7-3127D2CE54AC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8359BB34-F5FF-4F97-A85A-D74A8D3FD408}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{908E8D97-9405-4B96-BFC1-D92EB0122A37}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{913C7039-D830-4123-9A3C-8CAF0261C6AA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{95118DA4-13BC-4790-869F-21D51504776A}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{9697742D-4038-4BE0-B565-4CF381586A18}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{983C13D4-35F6-4D4C-8D29-310434EE00D4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9B4BEF3C-1DFF-44BA-8ED2-057B56D402F7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9D4AB521-5780-4E0A-8C28-894AF8A40DE8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9D8B9CAB-B8F2-430C-B46E-6C7058C950C1}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0EE1936-90F4-4A71-BE13-9C7D24B22D44}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{A1743536-1B25-46ED-BBB1-56A555BD536D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{A22923F9-FC68-4B73-A663-D399974C8BD2}" = protocol=6 | dir=out | app=system |
"{A2D4BC0A-50A0-4880-A34C-324341416598}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A4A2478E-A5C5-43A3-8C68-44CB9E4AB95B}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{A75FBC6D-E52C-42BA-85D2-0FA3DFF55E49}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A79B49E7-CADF-4B02-B740-6C0C89716E0D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A9595ED7-1D60-4E61-A122-83EBFF93EC96}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{AE814E85-8393-4FD8-B84D-723A6AF27664}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{AEE6EF22-A27D-4DD9-BCD5-036DC241EEFC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B01B041C-D3EA-474C-A82F-4970863EAA15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B0674BD1-CF83-4056-A2D6-5B7EE51BE340}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{B441D172-75C6-4F44-AE8A-AC6A8C7F0C6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B58F1927-8ADA-4B1B-9FD9-24B47B0EE4DE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{B80D4443-3673-4BFA-B8D1-70D4A748EDAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B856C2DC-33D1-4B35-AC2A-5EC3B36884DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bugbear entertainment\next car game.exe |
"{BBE218A4-F6D5-49D5-833F-5A5D003E433D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BC8FEA83-7B85-4531-8C9D-68609EF20645}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{BDC77E5A-A40E-450B-8D7B-755E78CD975F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{BFEFA0E7-C4B5-40AA-9D9F-44B222D7B0BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{C072F1FB-EAB2-4BE6-848C-CFC453CB3DD4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{C1E16DA3-66FC-49E6-96D3-44CAB827099D}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{C38F8E01-2656-48F7-B279-51675509EB4E}" = dir=in | name=hp printer control |
"{C553C8C5-65E5-4B5A-992C-897A86AA1578}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5B6AD9C-E260-49B1-8DBA-90863D201C2C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{C7665079-6A54-4D53-B32F-2F29AF698EF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\next car game sneak peek 2.0\next car game technology sneak peek.exe |
"{C83F0EB3-255B-498F-9013-B29CDF495B62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA9066B9-1E35-4FA7-8685-73DA5C665DC2}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CAFA27C2-B748-458D-8A63-B99650672776}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{CB400947-37F9-46BB-B630-3E60CD1F2FCD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE73AB81-85FF-41EF-AE9C-2B357DC6FE58}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"{CE974130-E2BF-415F-8AEE-0A4DA7EF1771}" = dir=out | name=project spark |
"{CEDC6A37-6814-44CA-8562-DC53E335318D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{CF7D2CFB-8C7D-4EFB-AF3D-5A838BA50FA8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{CF7EF0CC-30DA-47D9-AED6-F34CA81488D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{CFC17288-36CD-4599-B8E9-D5C8F79A1B67}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D0ABDA52-C00A-4494-8FCD-E62939B35D47}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{D0ED6382-20D8-45B2-817F-4029623F785E}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{D656D8ED-45C1-4EB0-AA68-F9CD6069B5C7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D765E2B7-A535-4E67-91C1-4C529A3101E8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{D7C9A06E-6F18-4942-9B47-44B258F4CE97}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{D80BEA2F-6C1F-4F9D-BE43-5168D1267107}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D87DA5FF-0CEB-487C-B13D-4EDC6F2469F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D8B1EC95-A195-42A9-A086-2DDA80946636}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DA1FC944-ECD3-44B7-B6D5-5FCF8A3F3C8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB9D9D31-427A-47E8-92B8-04C21B09D95B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{DD16EFE8-6AF6-48BD-876E-C386848151FC}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{DDAF4B11-75CB-4103-BEB6-2F4F3EB93A1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{DDE201AA-C6B6-409C-91FB-4E77C3BF1EAA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2417\agent.exe |
"{DEFF7C9B-AFA9-4896-B665-247C9D2561F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E0EA5901-0F2E-4DEB-962A-040B99535BFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{E4537976-9B8F-4CBD-A9D1-9BA7887EADB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{E576E553-883D-414E-B301-E9BA7599A39E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{E9FBEEAD-A985-466D-BD80-4414C51B801B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA01B0A4-06D2-401E-84EC-851214267EF8}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEBB646E-593F-4A3B-9D6E-04AC509FCB81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{EF7EC9C5-FB7C-4E6F-995F-21BC7229C985}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{EF95DA85-5826-4452-931B-F0CDB3DD0E57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bugbear entertainment\next car game.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6474E49-3BE4-4129-A730-D7D7B9A32AFF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FBEC007D-441C-4959-8CC8-9CBD6056A747}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"TCP Query User{096AEBE3-D146-42BC-A4FA-16E8AF7B130C}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"TCP Query User{0E97ACE0-EB18-4A0B-9CD6-FA0ED0ECC8CE}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"TCP Query User{516B3315-804A-44D1-8824-7699C1149701}C:\program files (x86)\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"TCP Query User{5E364D48-65EC-4B78-9E93-6FAE28594524}C:\users\mrvopi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mrvopi\appdata\roaming\spotify\spotify.exe |
"TCP Query User{5F6568B1-1AA7-49B5-9625-68976AEB1399}C:\program files (x86)\foobar2000\foobar2000.exe" = protocol=6 | dir=in | app=c:\program files (x86)\foobar2000\foobar2000.exe |
"TCP Query User{99E4EF36-C9F4-4B3B-920B-29CF33D3E8F5}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{A6B1684F-56C6-4C41-8E08-F56E3FEC475A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{BD99A742-4FDD-4562-A0C2-5424232452C1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{E7903B5D-D7C9-4B8D-B6DC-28859DCA863D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{EA9EFB4D-C624-4526-AA49-A7588D30714E}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{291FCCDD-3E65-4C8B-B6F2-00172591512B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{3FCDE467-4815-404C-AD26-87D185A0C875}C:\program files (x86)\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"UDP Query User{4AA2959A-65EF-4405-8312-562565FD34A8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{6BE6CEEF-1A37-47F8-865E-8EF3BC510D8C}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{84D5BF82-35C4-4C8E-8D0E-168F00B5A4A6}C:\users\mrvopi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mrvopi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{8EA80A4B-1D2C-4118-8A4B-A5064141893B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{95F4E995-4BBC-474D-926C-715B0D4832A3}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{B82BFFBA-3170-4CC4-88D8-37B1F838CBEA}C:\program files (x86)\foobar2000\foobar2000.exe" = protocol=17 | dir=in | app=c:\program files (x86)\foobar2000\foobar2000.exe |
"UDP Query User{BA7A28C6-E489-4E92-96CA-2B49AE37A48A}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |
"UDP Query User{BCD84019-209B-4839-B912-788DBA37D332}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C11FE22-53F2-4C9B-9E79-824B10D0976E}" = Security Innovation TSS
"{155AF42F-9FDD-4880-9945-5D14E831FCF0}" = ESET Endpoint Antivirus
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{20FCD6DA-CE87-4EC3-89BA-61CD7552117B}" = O2Micro OZ776 SCR Driver
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2E55EEFD-2162-4A7D-9158-EDB0305603A6}" = Dell Data Vault
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62BC41BB-5DE8-42E0-AE11-F7EDC2DEC7D7}" = Dell ControlVault Host Components Installer 64 bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{760E2264-841F-497F-8E2F-D392990C1974}" = Validity WBF DDK 495
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8424B163-D1E0-48B7-88A2-C7A61767B3D7}" = Microsoft SQL Server Compact 4.0 x64 ENU
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-041B-1000-0000000FF1CE}" = Microsoft Access MUI (Slovak) 2013
"{90150000-0016-041B-1000-0000000FF1CE}" = Microsoft Excel MUI (Slovak) 2013
"{90150000-0018-041B-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Slovak) 2013
"{90150000-0019-041B-1000-0000000FF1CE}" = Microsoft Publisher MUI (Slovak) 2013
"{90150000-001A-041B-1000-0000000FF1CE}" = Microsoft Outlook MUI (Slovak) 2013
"{90150000-001B-041B-1000-0000000FF1CE}" = Microsoft Word MUI (Slovak) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2013
"{90150000-0044-041B-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Slovak) 2013
"{90150000-0054-0409-1000-0000000FF1CE}" = Microsoft Visio MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2013
"{90150000-0090-041B-1000-0000000FF1CE}" = Microsoft DCF MUI (Slovak) 2013
"{90150000-00A1-041B-1000-0000000FF1CE}" = Microsoft OneNote MUI (Slovak) 2013
"{90150000-00BA-041B-1000-0000000FF1CE}" = Microsoft Groove MUI (Slovak) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00C1-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E1-041B-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Slovak) 2013
"{90150000-00E2-041B-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Slovak) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-012B-041B-1000-0000000FF1CE}" = Microsoft Lync MUI (Slovak) 2013
"{91150000-0051-0000-1000-0000000FF1CE}" = Microsoft Visio Professional 2013
"{9CC89928-4787-4ED5-9942-4EBF6C2468E6}" = Dell System Manager
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A37033BB-8E6E-4E7B-9692-2F373FA2363A}" = Dell Data Protection | Security Tools Authentication
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 140.84
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI" = NVIDIA WMI 2.15.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CF5E8D60-A1FD-4BF2-9EDD-EA8C05F784A9}" = Dell Data Protection | Client Security Framework
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DD317AA5-F0EF-480F-9501-507712B5E0B6}" = SPBA (WBF) 5.9
"{E45D7941-F3F0-4E8E-AD55-DCE2FE0AE6D8}" = Dell Power Manager
"{F888B1E9-64E3-479D-91DB-2D9193C39535}" = AuthenTec WinBio FingerPrint Software 64-bit
"CCleaner" = CCleaner
"F83757BC3DFF5684ED21F4FD63A2BBB0B9F79953" = Windows Driver Package - Dell Inc (DellRbtn) HIDClass (06/26/2013 1.4.1)
"Matlab R2012b" = MATLAB R2012b
"MediaInfo" = MediaInfo 0.7.67
"Office15.PROPLUS" = Microsoft Office 2013 Professional Plus
"Office15.VISPROR" = Microsoft Visio Professional 2013
"PC-Doctor for Windows" = My Dell
"PROSet" = Intel(R) Network Connections Drivers
"sp6" = Logitech SetPoint 6.61
"Start8_is1" = Stardock Start8
"Sublime Text 2_is1" = Sublime Text 2.0.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeraCopy_is1" = TeraCopy 2.27

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04566294-A6B6-4462-9721-031073EB3694}" = Dell Client System Update
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1AE3AE10-5A68-4450-A4AB-E7696684EB68}" = Radeon RAMDisk
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2355B503-9B11-4449-861D-1C1748B26320}" = Realtek Audio COM Components
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{61DF2893-0069-4E50-A02E-3A41A97CB1B4}" = Arvo
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2AFD30-F80C-401C-9B85-03A05A2F7EFD}" = Dell Data Protection | Security Tools
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CB257516-16E5-43CB-B0CF-6F9C523CC605}" = O2Micro Flash Memory Card Windows Driver
"{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}" = Dell Precision Performance Optimizer
"{E2CAA395-66B3-4772-85E3-6134DBAB244E}" = Dell Protected Workspace
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}" = Secure Download Manager
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EE34FA4E-715A-46FA-9CAF-06E26AE4217D}" = CmgMasterPrerequisites
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Battle.net" = Battle.net
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FileZilla Client" = FileZilla Client 3.7.3
"foobar2000" = foobar2000 v1.3 beta 5
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"InstallShield_{20FCD6DA-CE87-4EC3-89BA-61CD7552117B}" = O2Micro OZ776 SCR Driver
"InstallShield_{AA2AFD30-F80C-401C-9B85-03A05A2F7EFD}" = Dell Data Protection | Security Tools
"InstallShield_{CB257516-16E5-43CB-B0CF-6F9C523CC605}" = O2Micro Flash Memory Card Windows Driver
"League of Legends 3.0.1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1" = Assassins Creed IV Black Flag
"R1JJRDI=_is1" = GRID 2 (c) Codemasters version 1
"SpeedFan" = SpeedFan (remove only)
"Stardock Fences 2" = Stardock Fences 2
"Steam App 109600" = Neverwinter
"Steam App 12210" = Grand Theft Auto IV
"Steam App 209160" = Call of Duty: Ghosts
"Steam App 209170" = Call of Duty: Ghosts - Multiplayer
"Steam App 221810" = The Cave
"Steam App 228380" = Next Car Game
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 272860" = Next Car Game Sneak Peek 2.0
"Steam App 48240" = Anno 2070
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8190" = Just Cause 2
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 2.1.0
"winscp3_is1" = WinSCP 5.1.7

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"CodeBlocks" = CodeBlocks
"JoinMe" = join.me
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.1.2014 3:41:35 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe Message: An unexpected error occurred
applying power plan settings. Error: (System.Runtime.InteropServices.COMException)
at POWPLNSET-APP2 The remote procedure call failed. (Exception from HRESULT: 0x800706BE)
Miscellaneous
Error Information: PowerPlan: Setting:

Error - 24.1.2014 3:42:04 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe PP-ODC01 Message: Error code: 0xE000020B

Error - 24.1.2014 8:32:52 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe Message: An unexpected error occurred
applying power plan settings. Error: (System.Runtime.InteropServices.COMException)
at POWPLNSET-APP2 The server process could not be started because the configured
identity is incorrect. Check the username and password. (Exception from HRESULT:
0x8000401A) Miscellaneous Error Information: PowerPlan: Setting:

Error - 24.1.2014 8:33:23 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe PP-ODC01 Message: Error code: 0xE000020B

Error - 24.1.2014 11:10:11 | Computer Name = MrVopi-PC | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: tanky.exe, verzia: 0.0.0.0, casová znacka:
0x4b850389 Názov chybujúceho modulu: tanky.exe, verzia: 0.0.0.0, casová znacka:
0x4b850389 Kód výnimky: 0xc0000005 Odstup chyby: 0x000015f9 Identifikácia chybujúceho
procesu: 0x11a4 Cas spustenia chybujúcej aplikácie: 0x01cf19163dcfc996 Cesta chybujúcej
aplikácie: C:\Users\MrVopi\Desktop\tanky.exe Cesta chybujúceho modulu: C:\Users\MrVopi\Desktop\tanky.exe
Identifikácia
hlásenia: 9e63daff-8509-11e3-827f-001a6b0e2a68 Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhladom na balík:

Error - 24.1.2014 11:50:49 | Computer Name = MrVopi-PC | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: FRST64.exe, verzia: 0.0.0.0, casová znacka:
0x52e169ab Názov chybujúceho modulu: FRST64.exe, verzia: 0.0.0.0, casová znacka:
0x52e169ab Kód výnimky: 0xc00000fd Odstup chyby: 0x000000000000af93 Identifikácia
chybujúceho procesu: 0x1488 Cas spustenia chybujúcej aplikácie: 0x01cf191bfb9a0401
Cesta
chybujúcej aplikácie: C:\Users\MrVopi\Desktop\FRST64.exe Cesta chybujúceho modulu:
C:\Users\MrVopi\Desktop\FRST64.exe Identifikácia hlásenia: 4b12e128-850f-11e3-827f-001a6b0e2a68
Celé
meno chybujúceho balíka: Identifikácia chybujúcej aplikácie vzhladom na balík:

Error - 24.1.2014 18:22:25 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe Message: An unexpected error occurred
applying power plan settings. Error: (System.Runtime.InteropServices.COMException)
at POWPLNSET-APP2 The server process could not be started because the configured
identity is incorrect. Check the username and password. (Exception from HRESULT:
0x8000401A) Miscellaneous Error Information: PowerPlan: Setting:

Error - 24.1.2014 18:22:48 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe PP-ODC01 Message: Error code: 0xE000020B

Error - 24.1.2014 18:41:59 | Computer Name = MrVopi-PC | Source = DellPowerManager | ID = 0
Description = Error from DpmPowerPlanSetup.exe PP-ODC01 Message: Error code: 0xE000020B

Error - 24.1.2014 18:44:26 | Computer Name = MrVopi-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity()
v objekte System Writer. Details: AddLegacyDriverFiles: Unable to back up image of
binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. .

[ System Events ]
Error - 24.1.2014 3:40:55 | Computer Name = MrVopi-PC | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 24.1.2014 3:41:02 | Computer Name = MrVopi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:04:07 PM on ?1/?23/?2014 was unexpected.

Error - 24.1.2014 3:41:35 | Computer Name = MrVopi-PC | Source = DCOM | ID = 10016
Description =

Error - 24.1.2014 7:20:44 | Computer Name = MrVopi-PC | Source = DCOM | ID = 10016
Description =

Error - 24.1.2014 9:15:43 | Computer Name = MrVopi-PC | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 43. The Windows SChannel error state is 252.

Error - 24.1.2014 10:27:12 | Computer Name = MrVopi-PC | Source = DCOM | ID = 10016
Description =

Error - 24.1.2014 12:08:24 | Computer Name = MrVopi-PC | Source = Schannel | ID = 36888
Description = A fatal alert was generated and sent to the remote endpoint. This
may result in termination of the connection. The TLS protocol defined fatal error
code is 43. The Windows SChannel error state is 252.

Error - 24.1.2014 18:39:05 | Computer Name = MrVopi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:52:45 PM on ?1/?24/?2014 was unexpected.

Error - 24.1.2014 18:39:03 | Computer Name = MrVopi-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 24.1.2014 18:41:09 | Computer Name = MrVopi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:39:05 PM on ?1/?24/?2014 was unexpected.


< End of report >
Nahoru
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#19 Příspěvek od valdoDK »

Iba sa trochu pripominam :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o preventivku

#20 Příspěvek od vyosek »

:arrow: omlouvam se, nejak mi to zapadlo

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 5B CC 0F EC 07 CF 01 [binary data]
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-826929475-743330940-1988914792-1001\..Trusted Domains: dell.com ([]* in Dôveryhodné lokality)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.01.23 20:34:45 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.23 20:33:03 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\MrVopi\Desktop\FRSTLauncher.exe
[2014.01.23 20:32:07 | 002,077,696 | ---- | C] (Farbar) -- C:\Users\MrVopi\Desktop\FRST64.exe
[2014.01.24 23:41:44 | 000,000,922 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job
[2013.12.08 04:31:31 | 000,000,926 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cef3c5fd03d909.job
[2014.01.24 23:41:47 | 000,000,568 | ---- | M] () -- C:\WINDOWS\Tasks\MATLAB R2012b Startup Accelerator.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"AdobeBridge"=-
"NextLive"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"iTunesHelper"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"SunJavaUpdateSched"=-
"mobilegeni daemon"=-

:files
C:\Users\MrVopi\AppData\Roaming\newnext.me
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#21 Příspěvek od valdoDK »

Nic sa nestalo :) prikladam log:

All processes killed
========== OTL ==========
HKU\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-826929475-743330940-1988914792-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-826929475-743330940-1988914792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\FRST\Quarantine folder moved successfully.
C:\FRST\Logs folder moved successfully.
C:\FRST\Hives\Users\00000002 folder moved successfully.
C:\FRST\Hives\Users\00000001 folder moved successfully.
C:\FRST\Hives\Users folder moved successfully.
C:\FRST\Hives folder moved successfully.
C:\FRST folder moved successfully.
C:\Users\MrVopi\Desktop\FRSTLauncher.exe moved successfully.
C:\Users\MrVopi\Desktop\FRST64.exe moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cee71cce0a0b70.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef3c5fd03d909.job moved successfully.
C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon not found.
========== FILES ==========
File\Folder C:\Users\MrVopi\AppData\Roaming\newnext.me not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\invcol.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: fbwuser84A7
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes

User: fbwuserB11C
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes

User: MrVopi
->Temp folder emptied: 203893053 bytes
->Temporary Internet Files folder emptied: 192725267 bytes
->Java cache emptied: 258315 bytes
->Google Chrome cache emptied: 249120555 bytes
->Flash cache emptied: 1505 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 126320470 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 737,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: fbwuser84A7

User: fbwuserB11C

User: MrVopi
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: fbwuser84A7

User: fbwuserB11C

User: MrVopi
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01302014_164527

Files\Folders moved on Reboot...
File\Folder C:\Users\MrVopi\AppData\Local\Temp\JETFB.tmp not found!
File move failed. C:\Users\MrVopi\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\CR_232D0.tmp\setup.exe moved successfully.
C:\WINDOWS\temp\chrome_installer.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o preventivku

#22 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
valdoDK
Návštěvník
Návštěvník
Příspěvky: 64
Registrován: 17 zář 2007 18:36

Re: Prosim o preventivku

#23 Příspěvek od valdoDK »

Vsetko prebehnute a spravene :) CCleaner pouzivam, dobra vec :) Tak dakujem velmi pekne za ochotu a venovany cas :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosim o preventivku

#24 Příspěvek od vyosek »

Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“