Dobrý den, zčistajasna se mi zbláznil avast a při surfování na internetu mi vyhazuje, že zablokoval nebezpečnou stránku či soubor s nákazou URL:Mal. Přitom zrovna dnes jsem nic nestahoval, ani nepřenastavoval, tak by mě zajímalo, o co se jedná. Každopádně mě to hodně obtěžuje a jelikož nevím, co je to za virus, tak ani nevím, co mi hrozí. Přikládám log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Kuba (administrator) on KUBA-PC on 18-02-2014 17:14:01
Running from C:\Users\Kuba\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(KMP Media co.,Ltd) C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kuba\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-12-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-12-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] - C:\Windows\RTFTrack.exe [6339656 2013-04-24] (Realtek semiconductor)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813712 2014-02-04] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-22] (Microsoft Corporation)
HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\...\Run: [Spotify Web Helper] - C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-04] (Spotify Ltd)
HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\...\Run: [Facebook Update] - C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-04] (Facebook Inc.)
HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\...\MountPoints2: {ede52f40-6bcb-11e3-97c2-806e6f6e6963} - F:\RunGame.exe
==================== Internet (Whitelisted) ====================
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Dokumenty Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-24]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-24]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-24]
CHR Extension: (avast! Online Security) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-24]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-27]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-04] (LogMeIn, Inc.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-18] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-18] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-18] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-06] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2013-04-03] (Qualcomm Atheros Co., Ltd.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8243144 2013-04-24] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-22] (Duplex Secure Ltd.)
S3 WinRing0_1_2_0; C:\Program Files\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
U3 aqru3fi4; C:\Windows\System32\Drivers\aqru3fi4.sys [0 ] (Intel Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-18 17:14 - 2014-02-18 17:14 - 00013103 _____ () C:\Users\Kuba\Desktop\FRST.txt
2014-02-18 17:12 - 2014-02-18 17:14 - 00000000 ____D () C:\FRST
2014-02-18 17:12 - 2014-02-18 17:11 - 00112640 _____ (forum.viry.cz) C:\FRSTLauncher.exe
2014-02-18 17:11 - 2014-02-18 17:11 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Desktop\FRSTLauncher.exe
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 736017.crdownload
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 263835.crdownload
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 217220.crdownload
2014-02-18 17:00 - 2014-02-18 17:00 - 02152448 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2014-02-18 16:46 - 2014-02-18 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-17 19:22 - 2014-02-17 19:55 - 576700416 _____ () C:\Users\Kuba\Downloads\Objevování-Lennona(TV-Rip,Cz).avi
2014-02-17 12:27 - 2014-02-17 12:27 - 00042504 _____ () C:\Users\Kuba\Downloads\johann_sebastian_bach_prelude_no_1_in_c_major.gpx
2014-02-17 12:27 - 2014-02-17 12:27 - 00002994 _____ () C:\Users\Kuba\Downloads\johann_sebastian_bach_little_prelude_in_c_major.gp5
2014-02-17 09:08 - 2014-02-17 09:30 - 389967872 _____ () C:\Users\Kuba\Downloads\Gimme.Some.Truth.-.The.Making.of.John.Lennon.Imagine.Album.DVB.Xvid.AC3.MVGroup.avi
2014-02-16 14:55 - 2014-02-18 16:19 - 00000000 ____D () C:\Users\Kuba\AppData\Local\LogMeIn Hamachi
2014-02-16 14:54 - 2014-02-16 14:54 - 06406144 _____ () C:\Users\Kuba\Downloads\hamachi (2).msi
2014-02-16 14:54 - 2014-02-16 14:54 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-16 14:53 - 2014-02-16 14:53 - 00000000 ____D () C:\Users\Kuba\Downloads\LogMeInHamachi
2014-02-16 14:52 - 2014-02-16 14:52 - 04272303 _____ () C:\Users\Kuba\Downloads\LogMeInHamachi.zip
2014-02-16 14:04 - 2014-02-16 14:04 - 00000000 ____D () C:\Users\Kuba\Downloads\Unreal Tournament
2014-02-14 19:09 - 2014-02-14 19:09 - 00018577 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-july-68-to-the-end-eng-1-cd.zip
2014-02-14 17:04 - 2014-02-14 17:45 - 733935616 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.8.dvdrip.xvid-tva.avi
2014-02-14 17:03 - 2014-02-14 17:03 - 00020375 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-june-67-to-july-68-eng-1-cd.zip
2014-02-14 16:02 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 16:02 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 16:01 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 16:01 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 16:01 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 16:01 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 16:01 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 16:01 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 16:01 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 16:01 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 16:01 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 16:01 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 16:01 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 16:01 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 16:01 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 16:01 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 16:01 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 16:01 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 16:01 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 16:01 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 16:01 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 16:01 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 16:01 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 16:01 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 16:01 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 16:01 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 16:01 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 16:01 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 16:01 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 16:01 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 16:01 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 16:01 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 16:01 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 16:01 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 16:01 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 16:01 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 16:01 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 16:01 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 16:01 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 16:01 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 16:01 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 08:27 - 2014-02-14 08:27 - 00021753 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-july-66-to-june-67-year-1995-eng-1-cd.zip
2014-02-14 07:32 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 07:32 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 07:32 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 07:32 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 07:32 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 07:32 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 07:32 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 07:32 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 07:32 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 07:32 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 07:32 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 07:32 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 07:32 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 07:32 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 07:32 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 07:32 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 07:32 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 07:32 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 07:32 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 07:32 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 07:32 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 07:32 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 07:32 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 07:32 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 07:32 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 07:32 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 07:32 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 07:32 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 07:31 - 2014-02-14 08:12 - 733921280 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.6.dvdrip.xvid-tva.avi
2014-02-13 11:28 - 2014-02-13 11:28 - 00017288 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-august-65-to-july-66-year-1995-eng-1-cd.zip
2014-02-13 09:53 - 2014-02-13 09:53 - 00016546 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-august-64-to-august-65-year-1995-eng-1-cd.zip
2014-02-13 09:52 - 2014-02-13 10:33 - 733943808 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.5.dvdrip.xvid-tva.avi
2014-02-12 12:21 - 2014-02-12 12:21 - 00017195 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-february-64-to-july-64-year-1995-eng-1-cd.zip
2014-02-12 10:25 - 2014-02-18 17:00 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\newnext.me
2014-02-12 10:25 - 2014-02-12 10:26 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Mobogenie
2014-02-12 10:25 - 2014-02-12 10:26 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\Documents\Mobogenie
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Local\genienext
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Local\cache
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\.android
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 _____ () C:\Users\Kuba\daemonprocess.txt
2014-02-12 10:23 - 2014-02-12 10:23 - 00930440 _____ (CNET Download.com) C:\Users\Kuba\Downloads\cbsidlm-cbsi176-Free_Webcam_Recorder-ORG-75984393.exe
2014-02-12 09:02 - 2014-02-12 09:02 - 00015375 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-march-63-to-february-64-year-1995-eng-1-cd.zip
2014-02-11 18:11 - 2014-02-11 18:11 - 00000020 _____ () C:\Windows\$řŽ
2014-02-11 18:11 - 2014-02-11 18:11 - 00000000 ____D () C:\Windows\cs
2014-02-11 18:11 - 2014-02-11 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-11 18:10 - 2014-02-11 18:11 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-11 18:08 - 2014-02-15 09:58 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-02-11 18:08 - 2014-02-11 18:08 - 01243120 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-02-07 22:03 - 2014-02-07 22:03 - 00015558 _____ () C:\Users\Kuba\Downloads\[CzT]Argo_2012_CZ_.torrent
2014-02-07 20:18 - 2014-02-07 20:18 - 29931564 _____ () C:\Users\Kuba\Downloads\můj monte christo 1.wav
2014-02-05 20:28 - 2014-02-05 20:28 - 00000102 _____ () C:\Users\Kuba\Documents\spotify.bat
2014-02-05 20:28 - 2014-02-05 20:28 - 00000102 _____ () C:\Users\Kuba\Desktop\spotify.bat
2014-02-05 17:09 - 2014-02-05 17:29 - 178274304 _____ () C:\Users\Kuba\Downloads\How-I-Met-Your-Mother-S09E17---cz-tit..avi
2014-02-04 19:07 - 2014-02-18 10:12 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
2014-02-04 19:07 - 2014-02-17 19:12 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
2014-02-04 19:07 - 2014-02-04 19:07 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA
2014-02-04 19:07 - 2014-02-04 19:07 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core
2014-02-04 19:07 - 2014-02-04 19:07 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Facebook
2014-02-04 19:06 - 2014-02-04 19:06 - 00501248 _____ (Facebook Inc.) C:\Users\Kuba\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-02-04 10:09 - 2014-02-04 10:09 - 06397952 _____ () C:\Users\Kuba\Downloads\hamachi (1).msi
2014-02-04 08:48 - 2014-02-04 10:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-04 08:48 - 2014-02-04 08:48 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-04 08:47 - 2014-02-04 08:47 - 01133552 _____ () C:\Users\Kuba\Downloads\SteamSetup.exe
2014-02-04 07:41 - 2014-02-18 16:48 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Spotify
2014-02-04 07:41 - 2014-02-06 14:49 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Spotify
2014-02-04 07:41 - 2014-02-04 07:41 - 00001799 _____ () C:\Users\Kuba\Desktop\Spotify.lnk
2014-02-04 07:41 - 2014-02-04 07:41 - 00001785 _____ () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-04 00:29 - 2014-02-04 00:29 - 00127080 _____ (Spotify Ltd) C:\Users\Kuba\Downloads\SpotifySetup (1).exe
2014-02-04 00:27 - 2014-02-04 00:27 - 00127080 _____ (Spotify Ltd) C:\Users\Kuba\Downloads\SpotifySetup.exe
2014-02-02 22:50 - 2014-02-02 22:50 - 00000000 ____D () C:\Users\Kuba\AppData\Local\LogMeIn
2014-02-02 22:50 - 2014-02-02 22:50 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-02 22:49 - 2014-02-02 22:50 - 06397952 _____ () C:\Users\Kuba\Downloads\hamachi.msi
2014-02-02 14:29 - 2014-02-02 14:29 - 04327208 _____ (Systweak Inc ) C:\Users\Kuba\Downloads\rcpsetupst_RC1_ZZ_L_1.exe
2014-02-02 14:22 - 2014-02-02 14:25 - 00000000 ___HD () C:\_acestream_cache_
2014-02-02 14:21 - 2014-02-11 18:10 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\.ACEStream
2014-02-02 14:21 - 2014-02-02 14:22 - 22445318 _____ () C:\Users\Kuba\Downloads\bulanci.exe
2014-02-02 14:21 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2014-02-02 14:21 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\ACEStream
2014-02-02 14:20 - 2014-02-02 14:20 - 58265760 _____ () C:\Users\Kuba\Downloads\Ace_Stream_Media_2.1.5.3_by_Wiziwig_tv.exe
2014-02-02 11:42 - 2014-02-18 16:55 - 00000000 ____D () C:\Users\Kuba\Documents\TmForever
2014-02-02 11:42 - 2014-02-02 11:48 - 00000000 ____D () C:\ProgramData\TmForever
2014-02-02 11:40 - 2014-02-02 11:40 - 00000813 _____ () C:\Users\Public\Desktop\TmNationsForever.lnk
2014-02-02 11:24 - 2014-02-02 11:32 - 530600781 _____ () C:\Users\Kuba\Downloads\tmnationsforever_setup (1).exe
2014-02-02 09:01 - 2014-02-02 09:02 - 45893360 _____ (Lenovo Group Limited ) C:\Users\Kuba\Downloads\8gd223ww.exe
2014-02-02 08:45 - 2014-02-02 08:54 - 530600781 _____ () C:\Users\Kuba\Downloads\tmnationsforever_setup.exe
2014-02-02 08:28 - 2014-02-02 08:28 - 00889416 _____ (Microsoft Corporation) C:\Users\Kuba\Downloads\dotNetFx40_Full_setup.exe
2014-02-02 07:58 - 2014-02-02 07:58 - 00000000 ____D () C:\ProgramData\ATI
2014-02-02 07:57 - 2014-02-02 07:57 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-01 07:11 - 2014-02-04 14:18 - 00000144 _____ () C:\Users\Kuba\Desktop\Nový textový dokument.txt
2014-01-30 14:10 - 2014-01-30 15:45 - 850182201 _____ () C:\Users\Kuba\Downloads\Insidious-2-HD---CZ-titulky.rar
2014-01-30 09:21 - 2014-01-30 09:21 - 00533504 _____ () C:\Users\Kuba\Downloads\Patologické-výchovné-styly-rodičů.ppt
2014-01-28 07:50 - 2014-01-28 07:50 - 00012686 _____ () C:\Users\Kuba\Downloads\how-i-met-your-mother-ninth-season_english-853955.zip
2014-01-28 07:26 - 2014-01-28 07:47 - 186690248 _____ () C:\Users\Kuba\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.XviD-AFG.avi
2014-01-25 22:05 - 2014-01-25 22:05 - 00137118 _____ () C:\Users\Kuba\Downloads\[CzT]Mentalista_The_Mentalist_1_3_Serie_CZ_TVRip_.torrent
2014-01-25 10:03 - 2014-01-25 10:03 - 00000000 ____D () C:\Program Files\RealTemp_370
2014-01-25 10:02 - 2014-01-25 10:02 - 00330853 _____ () C:\Users\Kuba\Downloads\RealTemp_370.zip
2014-01-25 10:02 - 2014-01-25 10:02 - 00000000 ____D () C:\Users\Kuba\Downloads\RealTemp_370
2014-01-24 10:46 - 2014-01-24 10:46 - 00034802 _____ () C:\Users\Kuba\Downloads\Seagulls.gp5
2014-01-24 10:22 - 2014-01-24 11:29 - 643343804 _____ () C:\Users\Kuba\Downloads\Muse-Discography-(9-CD).rar
2014-01-22 21:35 - 2014-01-22 21:35 - 00240104 _____ () C:\Users\Kuba\Downloads\[CzT]Bojove_nasazeni_Heartbreak_Ridge_1986_CZ_.torrent
2014-01-21 08:42 - 2014-02-16 16:11 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Skype
2014-01-21 08:41 - 2014-01-21 08:42 - 00000000 ____D () C:\ProgramData\Skype
2014-01-21 08:41 - 2014-01-21 08:41 - 01551008 _____ (Skype Technologies S.A.) C:\Users\Kuba\Downloads\SkypeSetup.exe
2014-01-21 08:41 - 2014-01-21 08:41 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-21 08:41 - 2014-01-21 08:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-21 06:44 - 2014-01-21 06:44 - 00015295 _____ () C:\Users\Kuba\Downloads\how-i-met-your-mother-ninth-season_english-850205.zip
2014-01-21 06:32 - 2014-01-21 06:42 - 181219770 _____ () C:\Users\Kuba\Downloads\how.i.met.your.mother.s09e15.hdtv.xvid-fum.avi
2014-01-20 21:38 - 2014-01-20 22:57 - 733689435 _____ () C:\Users\Kuba\Downloads\Prci,-prci,-prcicky-1-(CZ-Dub)-SPR4T3KK.avi
2014-01-20 20:57 - 2014-01-20 20:57 - 00000000 ____D () C:\Users\Kuba\Documents\FIFA 2003
2014-01-20 20:56 - 2014-02-16 14:12 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-20 20:49 - 2014-01-20 20:49 - 00000483 _____ () C:\Windows\eReg.dat
2014-01-20 20:00 - 2014-01-20 20:45 - 794502864 _____ () C:\Users\Kuba\Downloads\fifa-2003.rar
2014-01-20 19:51 - 2014-01-20 20:49 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-01-20 19:50 - 2014-01-20 19:50 - 16478720 _____ () C:\Users\Kuba\Downloads\fifa2003_netuk.exe
2014-01-20 12:45 - 2013-04-24 07:10 - 06339656 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2014-01-20 12:45 - 2013-04-24 07:10 - 02627656 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
2014-01-20 12:45 - 2013-04-24 07:10 - 00472136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamX64.dll
2014-01-20 12:45 - 2013-04-24 07:10 - 00420424 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamX.dll
2014-01-20 12:44 - 2014-01-20 12:44 - 00000146 _____ () C:\Windows\RtCamU64.log
2014-01-20 12:41 - 2014-01-20 12:41 - 26611264 _____ (Lenovo Group Limited ) C:\Users\Kuba\Downloads\cam110w7.exe
2014-01-20 05:13 - 2014-01-20 05:13 - 00015608 _____ () C:\Users\Kuba\Downloads\[CzT]Senna_2010_.torrent
2014-01-19 15:07 - 2014-01-19 15:07 - 01360953 _____ () C:\Users\Kuba\Downloads\crowd2.wma
==================== One Month Modified Files and Folders =======
2014-02-18 17:14 - 2014-02-18 17:14 - 00013103 _____ () C:\Users\Kuba\Desktop\FRST.txt
2014-02-18 17:14 - 2014-02-18 17:12 - 00000000 ____D () C:\FRST
2014-02-18 17:11 - 2014-02-18 17:12 - 00112640 _____ (forum.viry.cz) C:\FRSTLauncher.exe
2014-02-18 17:11 - 2014-02-18 17:11 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Desktop\FRSTLauncher.exe
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 736017.crdownload
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 263835.crdownload
2014-02-18 17:08 - 2014-02-18 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kuba\Downloads\Nepotvrzeno 217220.crdownload
2014-02-18 17:04 - 2013-12-24 18:38 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-18 17:04 - 2013-12-24 18:37 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 17:01 - 2014-01-08 11:11 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-02-18 17:00 - 2014-02-18 17:00 - 02152448 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2014-02-18 17:00 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\newnext.me
2014-02-18 16:55 - 2014-02-02 11:42 - 00000000 ____D () C:\Users\Kuba\Documents\TmForever
2014-02-18 16:48 - 2014-02-04 07:41 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Spotify
2014-02-18 16:46 - 2014-02-18 16:46 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-18 16:35 - 2014-01-06 16:40 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-18 16:35 - 2013-12-27 16:05 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-18 16:35 - 2013-12-27 16:05 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-18 16:35 - 2013-12-27 16:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-18 16:35 - 2013-12-27 16:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-18 16:35 - 2013-12-27 16:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-18 16:35 - 2013-12-27 16:05 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-18 16:35 - 2013-12-27 16:05 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-18 16:26 - 2009-07-14 05:45 - 00015328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-18 16:26 - 2009-07-14 05:45 - 00015328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 16:25 - 2013-12-22 15:47 - 00670192 _____ () C:\Windows\system32\perfh005.dat
2014-02-18 16:25 - 2013-12-22 15:47 - 00142304 _____ () C:\Windows\system32\perfc005.dat
2014-02-18 16:25 - 2009-07-14 06:13 - 01588048 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 16:22 - 2013-12-21 23:30 - 01284906 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 16:19 - 2014-02-16 14:55 - 00000000 ____D () C:\Users\Kuba\AppData\Local\LogMeIn Hamachi
2014-02-18 16:19 - 2014-01-18 15:08 - 00005062 _____ () C:\Windows\setupact.log
2014-02-18 16:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 15:07 - 2013-12-23 13:41 - 03619456 _____ () C:\Users\Public\CAFADEBUG.log
2014-02-18 12:23 - 2014-01-05 10:23 - 00000282 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-02-18 10:12 - 2014-02-04 19:07 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
2014-02-17 19:55 - 2014-02-17 19:22 - 576700416 _____ () C:\Users\Kuba\Downloads\Objevování-Lennona(TV-Rip,Cz).avi
2014-02-17 19:12 - 2014-02-04 19:07 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
2014-02-17 12:27 - 2014-02-17 12:27 - 00042504 _____ () C:\Users\Kuba\Downloads\johann_sebastian_bach_prelude_no_1_in_c_major.gpx
2014-02-17 12:27 - 2014-02-17 12:27 - 00002994 _____ () C:\Users\Kuba\Downloads\johann_sebastian_bach_little_prelude_in_c_major.gp5
2014-02-17 09:30 - 2014-02-17 09:08 - 389967872 _____ () C:\Users\Kuba\Downloads\Gimme.Some.Truth.-.The.Making.of.John.Lennon.Imagine.Album.DVB.Xvid.AC3.MVGroup.avi
2014-02-16 21:23 - 2014-01-05 10:17 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Audacity
2014-02-16 16:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-16 16:11 - 2014-01-21 08:42 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Skype
2014-02-16 14:54 - 2014-02-16 14:54 - 06406144 _____ () C:\Users\Kuba\Downloads\hamachi (2).msi
2014-02-16 14:54 - 2014-02-16 14:54 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-16 14:53 - 2014-02-16 14:53 - 00000000 ____D () C:\Users\Kuba\Downloads\LogMeInHamachi
2014-02-16 14:52 - 2014-02-16 14:52 - 04272303 _____ () C:\Users\Kuba\Downloads\LogMeInHamachi.zip
2014-02-16 14:12 - 2014-01-20 20:56 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-16 14:08 - 2013-12-27 14:06 - 00000000 ____D () C:\GAMES
2014-02-16 14:06 - 2013-12-24 19:16 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\uTorrent
2014-02-16 14:04 - 2014-02-16 14:04 - 00000000 ____D () C:\Users\Kuba\Downloads\Unreal Tournament
2014-02-16 08:20 - 2013-12-22 15:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 08:18 - 2013-12-21 23:34 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 09:58 - 2014-02-11 18:08 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Windows Live
2014-02-14 19:09 - 2014-02-14 19:09 - 00018577 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-july-68-to-the-end-eng-1-cd.zip
2014-02-14 17:45 - 2014-02-14 17:04 - 733935616 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.8.dvdrip.xvid-tva.avi
2014-02-14 17:03 - 2014-02-14 17:03 - 00020375 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-june-67-to-july-68-eng-1-cd.zip
2014-02-14 16:06 - 2013-12-21 23:50 - 01563728 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 08:27 - 2014-02-14 08:27 - 00021753 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-july-66-to-june-67-year-1995-eng-1-cd.zip
2014-02-14 08:12 - 2014-02-14 07:31 - 733921280 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.6.dvdrip.xvid-tva.avi
2014-02-13 11:28 - 2014-02-13 11:28 - 00017288 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-august-65-to-july-66-year-1995-eng-1-cd.zip
2014-02-13 10:33 - 2014-02-13 09:52 - 733943808 _____ () C:\Users\Kuba\Downloads\the.beatles.anthology.episode.5.dvdrip.xvid-tva.avi
2014-02-13 09:53 - 2014-02-13 09:53 - 00016546 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-august-64-to-august-65-year-1995-eng-1-cd.zip
2014-02-12 16:31 - 2014-01-18 15:39 - 00186124 _____ () C:\Windows\PFRO.log
2014-02-12 12:21 - 2014-02-12 12:21 - 00017195 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-february-64-to-july-64-year-1995-eng-1-cd.zip
2014-02-12 10:26 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Mobogenie
2014-02-12 10:26 - 2014-02-12 10:25 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\Documents\Mobogenie
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Local\genienext
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\AppData\Local\cache
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 ____D () C:\Users\Kuba\.android
2014-02-12 10:25 - 2014-02-12 10:25 - 00000000 _____ () C:\Users\Kuba\daemonprocess.txt
2014-02-12 10:25 - 2013-12-21 23:57 - 00000000 ____D () C:\Users\Kuba
2014-02-12 10:23 - 2014-02-12 10:23 - 00930440 _____ (CNET Download.com) C:\Users\Kuba\Downloads\cbsidlm-cbsi176-Free_Webcam_Recorder-ORG-75984393.exe
2014-02-12 09:02 - 2014-02-12 09:02 - 00015375 _____ () C:\Users\Kuba\Downloads\the-beatles-anthology-march-63-to-february-64-year-1995-eng-1-cd.zip
2014-02-11 18:11 - 2014-02-11 18:11 - 00000020 _____ () C:\Windows\$řŽ
2014-02-11 18:11 - 2014-02-11 18:11 - 00000000 ____D () C:\Windows\cs
2014-02-11 18:11 - 2014-02-11 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-11 18:11 - 2014-02-11 18:10 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-11 18:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-11 18:10 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\.ACEStream
2014-02-11 18:09 - 2014-01-18 14:22 - 00122165 _____ () C:\Windows\DirectX.log
2014-02-11 18:08 - 2014-02-11 18:08 - 01243120 _____ (společnost Microsoft Corporation) C:\Users\Kuba\Downloads\wlsetup-web.exe
2014-02-11 16:59 - 2013-12-24 18:38 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 16:59 - 2013-12-24 18:38 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-07 22:03 - 2014-02-07 22:03 - 00015558 _____ () C:\Users\Kuba\Downloads\[CzT]Argo_2012_CZ_.torrent
2014-02-07 20:18 - 2014-02-07 20:18 - 29931564 _____ () C:\Users\Kuba\Downloads\můj monte christo 1.wav
2014-02-07 19:15 - 2009-07-14 06:08 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-07 12:12 - 2014-01-05 12:04 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Guitar Pro 6
2014-02-07 12:12 - 2014-01-05 12:00 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2014-02-06 14:49 - 2014-02-04 07:41 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Spotify
2014-02-06 13:16 - 2014-02-14 16:01 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 16:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 16:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 16:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 16:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 16:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 16:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 16:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 16:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 16:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 16:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 16:01 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 16:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 16:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 16:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 16:01 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:09 - 2013-12-24 17:50 - 00000000 ____D () C:\KUBA
2014-02-06 11:01 - 2014-02-14 16:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 16:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 16:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 16:01 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 16:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 16:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 16:01 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 16:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 16:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 16:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 16:01 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 16:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 16:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 16:01 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 16:01 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 16:01 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 16:01 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 16:01 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 16:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 16:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 16:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 16:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 20:28 - 2014-02-05 20:28 - 00000102 _____ () C:\Users\Kuba\Documents\spotify.bat
2014-02-05 20:28 - 2014-02-05 20:28 - 00000102 _____ () C:\Users\Kuba\Desktop\spotify.bat
2014-02-05 17:29 - 2014-02-05 17:09 - 178274304 _____ () C:\Users\Kuba\Downloads\How-I-Met-Your-Mother-S09E17---cz-tit..avi
2014-02-05 15:33 - 2014-01-05 10:22 - 00000274 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-02-04 19:07 - 2014-02-04 19:07 - 00003898 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA
2014-02-04 19:07 - 2014-02-04 19:07 - 00003530 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core
2014-02-04 19:07 - 2014-02-04 19:07 - 00000000 ____D () C:\Users\Kuba\AppData\Local\Facebook
2014-02-04 19:06 - 2014-02-04 19:06 - 00501248 _____ (Facebook Inc.) C:\Users\Kuba\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-02-04 14:18 - 2014-02-01 07:11 - 00000144 _____ () C:\Users\Kuba\Desktop\Nový textový dokument.txt
2014-02-04 10:22 - 2014-02-04 08:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-04 10:09 - 2014-02-04 10:09 - 06397952 _____ () C:\Users\Kuba\Downloads\hamachi (1).msi
2014-02-04 08:48 - 2014-02-04 08:48 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-04 08:47 - 2014-02-04 08:47 - 01133552 _____ () C:\Users\Kuba\Downloads\SteamSetup.exe
2014-02-04 08:01 - 2013-12-24 18:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 07:41 - 2014-02-04 07:41 - 00001799 _____ () C:\Users\Kuba\Desktop\Spotify.lnk
2014-02-04 07:41 - 2014-02-04 07:41 - 00001785 _____ () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-02-04 00:29 - 2014-02-04 00:29 - 00127080 _____ (Spotify Ltd) C:\Users\Kuba\Downloads\SpotifySetup (1).exe
2014-02-04 00:27 - 2014-02-04 00:27 - 00127080 _____ (Spotify Ltd) C:\Users\Kuba\Downloads\SpotifySetup.exe
2014-02-02 22:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-02 22:50 - 2014-02-02 22:50 - 00000000 ____D () C:\Users\Kuba\AppData\Local\LogMeIn
2014-02-02 22:50 - 2014-02-02 22:50 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-02 22:50 - 2014-02-02 22:49 - 06397952 _____ () C:\Users\Kuba\Downloads\hamachi.msi
2014-02-02 14:29 - 2014-02-02 14:29 - 04327208 _____ (Systweak Inc ) C:\Users\Kuba\Downloads\rcpsetupst_RC1_ZZ_L_1.exe
2014-02-02 14:25 - 2014-02-02 14:22 - 00000000 ___HD () C:\_acestream_cache_
2014-02-02 14:22 - 2014-02-02 14:21 - 22445318 _____ () C:\Users\Kuba\Downloads\bulanci.exe
2014-02-02 14:21 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2014-02-02 14:21 - 2014-02-02 14:21 - 00000000 ____D () C:\Users\Kuba\AppData\Roaming\ACEStream
2014-02-02 14:20 - 2014-02-02 14:20 - 58265760 _____ () C:\Users\Kuba\Downloads\Ace_Stream_Media_2.1.5.3_by_Wiziwig_tv.exe
2014-02-02 11:48 - 2014-02-02 11:42 - 00000000 ____D () C:\ProgramData\TmForever
2014-02-02 11:40 - 2014-02-02 11:40 - 00000813 _____ () C:\Users\Public\Desktop\TmNationsForever.lnk
2014-02-02 11:32 - 2014-02-02 11:24 - 530600781 _____ () C:\Users\Kuba\Downloads\tmnationsforever_setup (1).exe
2014-02-02 09:02 - 2014-02-02 09:01 - 45893360 _____ (Lenovo Group Limited ) C:\Users\Kuba\Downloads\8gd223ww.exe
2014-02-02 08:54 - 2014-02-02 08:45 - 530600781 _____ () C:\Users\Kuba\Downloads\tmnationsforever_setup.exe
2014-02-02 08:28 - 2014-02-02 08:28 - 00889416 _____ (Microsoft Corporation) C:\Users\Kuba\Downloads\dotNetFx40_Full_setup.exe
2014-02-02 08:23 - 2013-12-23 13:47 - 00000000 ____D () C:\Windows\Minidump
2014-02-02 08:23 - 2013-12-23 13:23 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-02-02 08:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-02 08:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-02 07:58 - 2014-02-02 07:58 - 00000000 ____D () C:\ProgramData\ATI
2014-02-02 07:57 - 2014-02-02 07:57 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-02-02 07:57 - 2013-12-23 13:27 - 00000000 ____D () C:\ProgramData\AMD
2014-02-02 07:56 - 2014-01-18 15:23 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-01-30 15:45 - 2014-01-30 14:10 - 850182201 _____ () C:\Users\Kuba\Downloads\Insidious-2-HD---CZ-titulky.rar
2014-01-30 09:21 - 2014-01-30 09:21 - 00533504 _____ () C:\Users\Kuba\Downloads\Patologické-výchovné-styly-rodičů.ppt
2014-01-29 18:02 - 2013-12-22 19:21 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-01-28 07:50 - 2014-01-28 07:50 - 00012686 _____ () C:\Users\Kuba\Downloads\how-i-met-your-mother-ninth-season_english-853955.zip
2014-01-28 07:47 - 2014-01-28 07:26 - 186690248 _____ () C:\Users\Kuba\Downloads\How.I.Met.Your.Mother.S09E16.HDTV.XviD-AFG.avi
2014-01-25 22:05 - 2014-01-25 22:05 - 00137118 _____ () C:\Users\Kuba\Downloads\[CzT]Mentalista_The_Mentalist_1_3_Serie_CZ_TVRip_.torrent
2014-01-25 15:32 - 2014-01-05 10:22 - 00000290 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-01-25 10:03 - 2014-01-25 10:03 - 00000000 ____D () C:\Program Files\RealTemp_370
2014-01-25 10:02 - 2014-01-25 10:02 - 00330853 _____ () C:\Users\Kuba\Downloads\RealTemp_370.zip
2014-01-25 10:02 - 2014-01-25 10:02 - 00000000 ____D () C:\Users\Kuba\Downloads\RealTemp_370
2014-01-24 11:29 - 2014-01-24 10:22 - 643343804 _____ () C:\Users\Kuba\Downloads\Muse-Discography-(9-CD).rar
2014-01-24 10:46 - 2014-01-24 10:46 - 00034802 _____ () C:\Users\Kuba\Downloads\Seagulls.gp5
2014-01-23 16:08 - 2013-12-23 13:31 - 00000000 ____D () C:\ldiag
2014-01-22 21:35 - 2014-01-22 21:35 - 00240104 _____ () C:\Users\Kuba\Downloads\[CzT]Bojove_nasazeni_Heartbreak_Ridge_1986_CZ_.torrent
2014-01-21 08:42 - 2014-01-21 08:41 - 00000000 ____D () C:\ProgramData\Skype
2014-01-21 08:41 - 2014-01-21 08:41 - 01551008 _____ (Skype Technologies S.A.) C:\Users\Kuba\Downloads\SkypeSetup.exe
2014-01-21 08:41 - 2014-01-21 08:41 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-21 08:41 - 2014-01-21 08:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-21 06:44 - 2014-01-21 06:44 - 00015295 _____ () C:\Users\Kuba\Downloads\how-i-met-your-mother-ninth-season_english-850205.zip
2014-01-21 06:42 - 2014-01-21 06:32 - 181219770 _____ () C:\Users\Kuba\Downloads\how.i.met.your.mother.s09e15.hdtv.xvid-fum.avi
2014-01-20 22:57 - 2014-01-20 21:38 - 733689435 _____ () C:\Users\Kuba\Downloads\Prci,-prci,-prcicky-1-(CZ-Dub)-SPR4T3KK.avi
2014-01-20 20:57 - 2014-01-20 20:57 - 00000000 ____D () C:\Users\Kuba\Documents\FIFA 2003
2014-01-20 20:49 - 2014-01-20 20:49 - 00000483 _____ () C:\Windows\eReg.dat
2014-01-20 20:49 - 2014-01-20 19:51 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-01-20 20:45 - 2014-01-20 20:00 - 794502864 _____ () C:\Users\Kuba\Downloads\fifa-2003.rar
2014-01-20 19:50 - 2014-01-20 19:50 - 16478720 _____ () C:\Users\Kuba\Downloads\fifa2003_netuk.exe
2014-01-20 12:44 - 2014-01-20 12:44 - 00000146 _____ () C:\Windows\RtCamU64.log
2014-01-20 12:41 - 2014-01-20 12:41 - 26611264 _____ (Lenovo Group Limited ) C:\Users\Kuba\Downloads\cam110w7.exe
2014-01-20 05:13 - 2014-01-20 05:13 - 00015608 _____ () C:\Users\Kuba\Downloads\[CzT]Senna_2010_.torrent
2014-01-19 15:07 - 2014-01-19 15:07 - 01360953 _____ () C:\Users\Kuba\Downloads\crowd2.wma
Some content of TEMP:
====================
C:\Users\Kuba\AppData\Local\Temp\13-12_mobility_win7_win8_64_dd_ccc_whql.exe
C:\Users\Kuba\AppData\Local\Temp\AutoRun.exe
C:\Users\Kuba\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Kuba\AppData\Local\Temp\DownloadManager.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:76650B61
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kuba\Desktop" je 550 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Tisíc hlášení URL:Mal z ničeho nic?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Tisíc hlášení URL:Mal z ničeho nic?
Zdravim 
Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze 
Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Tisíc hlášení URL:Mal z ničeho nic?
Zdravím,
systém mám od sestry, která hrála CSko za nějaký lepší klan, či co. Myslím, že by jim nelegální systémy nedávali. Všechno zde mám povolené, i updates.
systém mám od sestry, která hrála CSko za nějaký lepší klan, či co. Myslím, že by jim nelegální systémy nedávali
. Všechno zde mám povolené, i updates.Re: Tisíc hlášení URL:Mal z ničeho nic?
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Tisíc hlášení URL:Mal z ničeho nic?
Tak jsem zpět, přikládám log z OTL:
OTL logfile created on: 18.2.2014 18:46:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kuba\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,88 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 37,81% Memory free
5,76 Gb Paging File | 3,55 Gb Available in Paging File | 61,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463,81 Gb Total Space | 139,93 Gb Free Space | 30,17% Space Free | Partition Type: NTFS
Drive F: | 599,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KUBA-PC | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.02.18 18:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
PRC - [2014.02.04 14:56:52 | 003,813,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.01.06 16:40:26 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.06 16:40:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.15 01:54:12 | 007,856,192 | ---- | M] (KMP Media co.,Ltd) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2013.07.08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013.07.08 10:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2013.03.05 01:25:17 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2013.01.31 15:20:50 | 000,286,192 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.01.31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.12.21 07:57:56 | 000,291,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.09.11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.09.11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.08.21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
========== Modules (No Company Name) ==========
MOD - [2014.02.14 20:46:26 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a00f66c9fa4095f35690cbc7e8a4663e\System.IdentityModel.ni.dll
MOD - [2014.02.14 20:46:23 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e61c002b87e6a11678c2104f82d1628b\System.ServiceModel.ni.dll
MOD - [2014.02.14 20:46:11 | 001,075,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\85e1a779c6dd55df956f76b5726b91ae\System.ServiceModel.Web.ni.dll
MOD - [2014.02.14 16:02:57 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d1797a38e945a46f85cdaf2080afb5c6\System.Xaml.ni.dll
MOD - [2014.02.14 16:02:34 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cd1bbf37c5adc7bb67eabaae20649e54\System.Windows.Forms.ni.dll
MOD - [2014.02.14 16:02:25 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a095ded1f7d3feaee17336cd7e39e2f8\System.Drawing.ni.dll
MOD - [2014.02.14 16:02:24 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\b1c2960a66470630da6ebb76469ca04e\System.ServiceModel.Internals.ni.dll
MOD - [2014.02.14 16:02:24 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\292289421ae443d791368181824a1ca8\SMDiagnostics.ni.dll
MOD - [2014.02.14 16:02:23 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b78d2d1864738205744e16af046d79f7\System.Runtime.Serialization.ni.dll
MOD - [2014.02.14 16:01:50 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\63b566ebd7592ab4aac14614b05b32e0\System.Xml.ni.dll
MOD - [2014.02.14 16:01:45 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b421d19f01911e8f74876ded9d5a85c0\System.Configuration.ni.dll
MOD - [2014.02.14 16:01:42 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e29c126f91fa5e968c7792adaf3c62ff\System.Core.ni.dll
MOD - [2014.02.14 16:01:36 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fd8c46f1f500496403ec7538ab3077b6\System.ni.dll
MOD - [2014.02.14 16:01:28 | 016,546,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e56a581b7e96d7cde5a258d43041c942\mscorlib.ni.dll
MOD - [2014.02.02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014.02.02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013.12.27 16:05:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.01.18 08:47:48 | 004,548,096 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\libcodec.dll
MOD - [2008.02.25 07:05:28 | 000,288,256 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_wm.dll
MOD - [2008.02.25 07:05:28 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_vorbis.dll
MOD - [2008.02.25 07:05:28 | 000,179,200 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_nsv.dll
MOD - [2008.02.25 07:05:24 | 000,646,656 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\IN_MP3.DLL
MOD - [2008.02.25 07:05:24 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_mp4.dll
MOD - [2008.02.25 07:05:16 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\gen_hotkeys.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.01.06 16:40:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.12.06 21:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.09.25 16:40:50 | 001,674,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe -- (LSCWinService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.04.18 18:15:18 | 003,388,144 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013.04.18 18:14:58 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013.04.18 18:14:46 | 000,621,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013.04.18 18:14:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013.04.11 02:12:50 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013.03.05 01:25:20 | 000,202,400 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2013.01.31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012.09.12 18:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.06.19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.04 14:56:50 | 002,222,416 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.02.04 10:37:32 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2013.04.24 08:56:11 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.03.05 01:25:17 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2012.09.11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.09.11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.08.21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.02.18 16:35:29 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.18 16:35:29 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.02.18 16:35:29 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.02.18 16:35:29 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.06 16:40:28 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.27 16:05:13 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.27 16:05:13 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.23 12:45:32 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013.12.23 12:45:32 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013.12.22 19:31:46 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.12.06 22:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.12.06 21:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.05.21 21:38:50 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013.04.24 07:10:54 | 008,243,144 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013.04.22 19:15:16 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013.04.18 01:02:32 | 005,358,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.04.11 02:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013.04.11 02:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013.04.03 04:45:05 | 000,128,200 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2013.03.05 01:25:18 | 001,680,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2013.02.27 07:44:22 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013.01.31 15:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.01.31 15:20:10 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.01.22 19:19:10 | 003,851,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.12.04 21:21:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 21:21:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.12.04 21:21:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.07.26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Program Files\RealTemp_370\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV:64bit: - [2008.05.06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011.06.02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.5.3: C:\Users\Kuba\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - Extension: Dokumenty Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtsFT] C:\Windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [Facebook Update] C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [NextLive] C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [Spotify Web Helper] C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54C612B2-1AB9-4321-84A5-B4CC220A6F75}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79B1B404-B628-4EAE-A7A9-4567A58D2FB2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.04.06 16:05:38 | 000,000,000 | ---D | M] - F:\autorun -- [ CDFS ]
O32 - AutoRun File - [2002.10.05 22:14:40 | 000,000,066 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{ede52f40-6bcb-11e3-97c2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ede52f40-6bcb-11e3-97c2-806e6f6e6963}\Shell\AutoRun\command - "" = F:\RunGame.exe -- [2002.10.05 22:14:40 | 000,147,456 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.02.18 18:44:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
[2014.02.18 17:12:40 | 000,000,000 | ---D | C] -- C:\FRST
[2014.02.18 17:12:11 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\FRSTLauncher.exe
[2014.02.18 17:11:53 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Kuba\Desktop\FRSTLauncher.exe
[2014.02.18 17:00:34 | 002,152,448 | ---- | C] (Farbar) -- C:\Users\Kuba\Desktop\FRST64.exe
[2014.02.18 16:46:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.02.16 14:55:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\LogMeIn Hamachi
[2014.02.16 14:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014.02.16 14:54:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014.02.14 16:02:07 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.14 16:01:27 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.14 16:01:27 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.14 16:01:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.14 16:01:27 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.14 16:01:26 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.14 16:01:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.14 16:01:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.14 16:01:25 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.14 16:01:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.14 16:01:25 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.14 16:01:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.14 16:01:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.14 16:01:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.14 16:01:24 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.14 16:01:24 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.14 16:01:24 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.14 16:01:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.14 16:01:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.14 16:01:23 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.14 16:01:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.14 16:01:21 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.14 16:01:21 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.14 16:01:19 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.14 07:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.14 07:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.14 07:32:31 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.14 07:32:30 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.14 07:32:30 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.14 07:32:30 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.14 07:32:30 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.14 07:32:30 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.14 07:32:30 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.14 07:32:30 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.14 07:32:29 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.14 07:32:29 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.14 07:32:29 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.14 07:32:29 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.14 07:32:29 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.14 07:32:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.14 07:32:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.14 07:32:28 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.14 07:32:28 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.14 07:32:21 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.14 07:32:21 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.12 10:25:38 | 000,000,000 | ---D | C] -- C:\Users\Kuba\.android
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\genienext
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\cache
[2014.02.12 10:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Mobogenie
[2014.02.12 10:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Mobogenie
[2014.02.12 10:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.02.18 18:47:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.18 18:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
[2014.02.18 18:43:12 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.18 18:43:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.18 17:12:21 | 000,015,327 | ---- | M] () -- C:\Users\Kuba\Desktop\LM.bat
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Kuba\Desktop\FRSTLauncher.exe
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
[2014.02.18 17:04:20 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.18 17:00:56 | 002,152,448 | ---- | M] (Farbar) -- C:\Users\Kuba\Desktop\FRST64.exe
[2014.02.18 16:35:56 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.18 16:35:29 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.18 16:35:29 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.02.18 16:35:29 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.18 16:35:29 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.02.18 16:35:29 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.18 16:35:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.18 16:26:46 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.18 16:26:46 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.18 16:25:47 | 001,588,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.18 16:25:47 | 000,670,192 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.18 16:25:47 | 000,655,518 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.18 16:25:47 | 000,142,304 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.18 16:25:47 | 000,122,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.18 16:19:31 | 2320,642,048 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.18 12:23:09 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DLL-Files FixerASKUSER.job
[2014.02.18 10:12:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
[2014.02.17 19:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.15 10:20:19 | 000,025,818 | ---- | M] () -- C:\kachna.jpg
[2014.02.14 16:06:15 | 001,563,728 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.12 23:19:26 | 001,474,713 | ---- | M] () -- C:\steven_gerrard_by_bredesen-d5fcj2y.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.18 18:47:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.18 17:12:21 | 000,015,327 | ---- | C] () -- C:\Users\Kuba\Desktop\LM.bat
[2014.02.15 10:20:19 | 000,025,818 | ---- | C] () -- C:\kachna.jpg
[2014.02.12 23:19:26 | 001,474,713 | ---- | C] () -- C:\steven_gerrard_by_bredesen-d5fcj2y.jpg
[2014.01.20 20:49:13 | 000,000,483 | ---- | C] () -- C:\Windows\eReg.dat
[2014.01.17 11:08:31 | 000,000,741 | ---- | C] () -- C:\Users\Kuba\AppData\Local\recently-used.xbel
[2014.01.05 10:23:08 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.12.28 13:50:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.12.28 13:48:18 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.12.28 13:48:18 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.12.28 13:48:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.12.23 13:23:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.12.23 12:44:40 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.12.21 23:50:18 | 001,563,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.21 23:43:01 | 000,921,665 | ---- | C] () -- C:\Windows\SysWow64\msvcrt-ruby18.dll
[2013.12.21 23:43:01 | 000,271,264 | ---- | C] () -- C:\Windows\SysWow64\vbrun100.dll
[2013.12.21 23:43:01 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2013.12.21 23:43:01 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\pythonw.exe
[2013.12.21 23:43:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\python.exe
[2013.12.21 23:43:01 | 000,020,537 | ---- | C] () -- C:\Windows\SysWow64\rubyw.exe
[2013.12.21 23:43:01 | 000,020,536 | ---- | C] () -- C:\Windows\SysWow64\ruby.exe
[2013.12.06 22:38:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.12.06 22:38:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.06.19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.02.11 18:10:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.ACEStream
[2014.02.02 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ACEStream
[2014.02.16 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Audacity
[2013.12.27 16:06:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\AVAST Software
[2014.01.18 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2014.01.05 10:22:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dll-files.com
[2013.12.22 19:18:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2014.02.07 12:12:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Guitar Pro 6
[2013.12.23 13:31:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Lenovo
[2013.12.24 20:04:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\LSC
[2014.02.18 17:00:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2013.12.22 19:21:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Opera Software
[2014.02.18 16:48:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Spotify
[2014.01.18 14:53:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\SystemRequirementsLab
[2014.02.16 14:06:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,027,124 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(13).TXT
[2009.07.14 06:08:49 | 000,032,600 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.12.24 18:37:56 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.12.24 18:38:10 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.05 10:22:54 | 000,000,274 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014.01.05 10:22:55 | 000,000,290 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
[2014.01.05 10:23:24 | 000,000,282 | ---- | C] () -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job
[2014.02.04 19:07:08 | 000,000,902 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.04 19:07:09 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.15 04:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.15 04:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.15 04:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.15 04:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.15 04:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.15 04:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.15 04:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.15 04:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.12.15 04:40:30 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2010.12.15 04:40:30 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.12.15 04:39:25 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.12.15 04:39:25 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\*.tmp files -> C:\Windows\inf\Intel Storage Counters\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0000\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0005\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0005\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0009\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[178 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.02.11 18:10:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.ACEStream
[2014.02.02 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ACEStream
[2014.01.14 15:43:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Adobe
[2013.12.28 13:49:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ATI
[2014.02.16 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Audacity
[2013.12.27 16:06:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\AVAST Software
[2014.01.18 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2014.01.05 10:22:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dll-files.com
[2013.12.22 19:18:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2014.02.07 12:12:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Guitar Pro 6
[2013.12.21 23:57:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Identities
[2013.12.23 13:19:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\InstallShield
[2013.12.22 00:00:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Intel
[2013.12.23 13:17:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Intel Corporation
[2013.12.23 13:31:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Lenovo
[2013.12.24 20:04:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\LSC
[2013.12.23 13:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macromedia
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Media Center Programs
[2014.01.18 14:20:50 | 000,000,000 | --SD | M] -- C:\Users\Kuba\AppData\Roaming\Microsoft
[2014.02.18 17:00:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2013.12.22 19:21:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Opera Software
[2014.02.16 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Skype
[2014.02.18 16:48:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Spotify
[2014.01.18 14:53:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\SystemRequirementsLab
[2014.02.16 14:06:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2013.12.25 15:13:45 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.02.02 14:21:53 | 000,151,511 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\Uninstall.exe
[2013.08.14 21:40:06 | 000,027,392 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_console.exe
[2013.08.14 21:40:10 | 000,027,904 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_engine.exe
[2013.08.14 21:40:12 | 000,027,904 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_stream.exe
[2011.06.12 14:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\w9xpopen.exe
[2013.07.26 11:36:38 | 000,120,952 | ---- | M] (Innovative Digital Technologies) -- C:\Users\Kuba\AppData\Roaming\ACEStream\player\ace_player.exe
[2013.07.12 17:43:02 | 000,121,976 | ---- | M] (Innovative Digital Technologies) -- C:\Users\Kuba\AppData\Roaming\ACEStream\player\vlc-cache-gen.exe
[2013.03.29 12:18:06 | 000,026,744 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\updater\ace_update.exe
[2011.06.12 14:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\updater\w9xpopen.exe
[2014.01.18 14:20:38 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Kuba\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014.01.17 15:33:29 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{A02153E8-8DF8-42E6-B7BF-D88EEA33565F}\ARPPRODUCTICON.exe
[2014.01.01 09:47:51 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.02.04 07:41:51 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\spotify.exe
[2014.02.04 07:41:51 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014.02.04 07:41:50 | 000,603,648 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[2013.12.21 21:00:00 | 000,393,728 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Kuba\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.02.18 12:23:09 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job
[2014.02.05 15:33:16 | 000,000,274 | ---- | M] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014.01.25 15:32:15 | 000,000,290 | ---- | M] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
[2014.02.17 19:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.18 10:12:01 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
[2014.02.18 17:04:20 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.18 18:43:12 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.02.18 16:21:44 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.10.28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Spotify Web Helper" = "C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -- [2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd)
"Facebook Update" = "C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2014.02.04 19:07:05 | 000,138,096 | ---- | M] (Facebook Inc.)
"NextLive" = C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -- [2009.07.14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.02.06 23:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) MD5=5640B4C10682FBC39C86C8C7A8392B5E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.18 18:47:54 | 000,000,512 | ---- | M] () MD5=87CACC7B4B88010E7134C3D5B799EE35 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.09.16 12:38:42 | 009,533,440 | ---- | M] () -- \KUBA\HUDBA\George Harrison\33 and a Third (only)\09 Crackerbox Palace.mp3
[2011.03.01 09:48:00 | 004,644,864 | ---- | M] () -- \KUBA\HUDBA\Paul McCartney\1988-10-31 - Choba B CCCP\11 - Crackin' Up.mp3
[2011.03.01 09:49:28 | 000,992,227 | ---- | M] () -- \KUBA\HUDBA\Paul McCartney\1990-11-05 - Tripping The Live Fantastic\13 - Crackin' Up.mp3
[2014.02.04 20:28:20 | 000,003,072 | ---- | M] () -- \Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2014.02.04 20:28:20 | 000,003,608 | ---- | M] () -- \Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
< *keygen* /s >
[2013.05.09 11:57:27 | 000,066,336 | ---- | M] () -- \CD\guitar pro 6\Keygen\Keygen.rar
[2013.05.09 11:57:50 | 000,070,479 | ---- | M] () -- \CD\guitar pro 6\Keygen\Keygen\keygen.exe
< *loader* /s >
[2010.08.24 17:23:59 | 000,071,008 | ---- | M] () -- \GAMES\Mafia II\pc\PhysXLoader.dll
[2014.02.16 14:34:38 | 000,000,061 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoader.ini
[2014.02.16 14:34:38 | 000,081,920 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.dll
[2014.02.16 14:34:38 | 000,084,764 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.so
[2014.02.16 14:34:38 | 000,001,739 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.u
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2002.10.04 09:02:08 | 000,001,952 | ---- | M] () -- \Program Files (x86)\EA SPORTS\FIFA 2003\data\mm\easo\easoDataLoader.js
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.08.22 19:01:28 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014.02.02 11:23:49 | 000,001,537 | ---- | M] () -- \Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91Y73M2P\AdLoader[1].htm
[2014.02.02 11:23:49 | 000,111,438 | ---- | M] () -- \Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWQIG2J0\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2012.02.07 17:37:14 | 000,008,192 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\engine\lib\_win32sysloader.pyd
[2012.07.23 11:11:20 | 000,000,553 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1024\loader.png
[2012.07.23 11:11:20 | 000,000,686 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1280\loader.png
[2012.07.23 11:11:20 | 000,000,686 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1600\loader.png
[2012.07.23 11:11:22 | 000,001,239 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1920\loader.png
[2012.07.23 11:11:20 | 000,000,453 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\800\loader.png
[2012.07.23 11:11:20 | 000,000,477 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 17:37:14 | 000,008,192 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\updater\lib\_win32sysloader.pyd
[2013.12.28 12:45:03 | 000,674,976 | ---- | M] () -- \Users\Kuba\Downloads\dontlinkthefile_3danalyzer-v236 - CHIP Downloader.exe
[2013.12.23 14:13:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.04.29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.04.29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2010.04.29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.04.29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.22 15:46:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2013.12.22 15:46:15 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2013.12.22 15:46:15 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2013.12.22 15:46:15 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2013.12.22 15:46:15 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.12.23 13:06:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.12.23 13:06:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.12.23 13:06:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.12.23 13:06:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.12.23 13:06:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.13 19:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:76650B61
< End of report >
OTL logfile created on: 18.2.2014 18:46:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kuba\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,88 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 37,81% Memory free
5,76 Gb Paging File | 3,55 Gb Available in Paging File | 61,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463,81 Gb Total Space | 139,93 Gb Free Space | 30,17% Space Free | Partition Type: NTFS
Drive F: | 599,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KUBA-PC | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.02.18 18:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
PRC - [2014.02.04 14:56:52 | 003,813,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.01.06 16:40:26 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.06 16:40:26 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.15 01:54:12 | 007,856,192 | ---- | M] (KMP Media co.,Ltd) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2013.07.08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013.07.08 10:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2013.03.05 01:25:17 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2013.01.31 15:20:50 | 000,286,192 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.01.31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.12.21 07:57:56 | 000,291,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.09.11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.09.11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.08.21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
========== Modules (No Company Name) ==========
MOD - [2014.02.14 20:46:26 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a00f66c9fa4095f35690cbc7e8a4663e\System.IdentityModel.ni.dll
MOD - [2014.02.14 20:46:23 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e61c002b87e6a11678c2104f82d1628b\System.ServiceModel.ni.dll
MOD - [2014.02.14 20:46:11 | 001,075,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\85e1a779c6dd55df956f76b5726b91ae\System.ServiceModel.Web.ni.dll
MOD - [2014.02.14 16:02:57 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d1797a38e945a46f85cdaf2080afb5c6\System.Xaml.ni.dll
MOD - [2014.02.14 16:02:34 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cd1bbf37c5adc7bb67eabaae20649e54\System.Windows.Forms.ni.dll
MOD - [2014.02.14 16:02:25 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a095ded1f7d3feaee17336cd7e39e2f8\System.Drawing.ni.dll
MOD - [2014.02.14 16:02:24 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\b1c2960a66470630da6ebb76469ca04e\System.ServiceModel.Internals.ni.dll
MOD - [2014.02.14 16:02:24 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\292289421ae443d791368181824a1ca8\SMDiagnostics.ni.dll
MOD - [2014.02.14 16:02:23 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b78d2d1864738205744e16af046d79f7\System.Runtime.Serialization.ni.dll
MOD - [2014.02.14 16:01:50 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\63b566ebd7592ab4aac14614b05b32e0\System.Xml.ni.dll
MOD - [2014.02.14 16:01:45 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b421d19f01911e8f74876ded9d5a85c0\System.Configuration.ni.dll
MOD - [2014.02.14 16:01:42 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e29c126f91fa5e968c7792adaf3c62ff\System.Core.ni.dll
MOD - [2014.02.14 16:01:36 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fd8c46f1f500496403ec7538ab3077b6\System.ni.dll
MOD - [2014.02.14 16:01:28 | 016,546,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e56a581b7e96d7cde5a258d43041c942\mscorlib.ni.dll
MOD - [2014.02.02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014.02.02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013.12.27 16:05:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.01.18 08:47:48 | 004,548,096 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\libcodec.dll
MOD - [2008.02.25 07:05:28 | 000,288,256 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_wm.dll
MOD - [2008.02.25 07:05:28 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_vorbis.dll
MOD - [2008.02.25 07:05:28 | 000,179,200 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_nsv.dll
MOD - [2008.02.25 07:05:24 | 000,646,656 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\IN_MP3.DLL
MOD - [2008.02.25 07:05:24 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\in_mp4.dll
MOD - [2008.02.25 07:05:16 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\PlugIns\gen_hotkeys.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.01.06 16:40:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.12.06 21:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.09.25 16:40:50 | 001,674,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe -- (LSCWinService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.04.18 18:15:18 | 003,388,144 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013.04.18 18:14:58 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013.04.18 18:14:46 | 000,621,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013.04.18 18:14:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013.04.11 02:12:50 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013.03.05 01:25:20 | 000,202,400 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2013.01.31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012.09.12 18:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.06.19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.04 14:56:50 | 002,222,416 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.02.04 10:37:32 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.07.08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2013.04.24 08:56:11 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.03.05 01:25:17 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2012.09.11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.09.11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.08.21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.02.18 16:35:29 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.02.18 16:35:29 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.02.18 16:35:29 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.02.18 16:35:29 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.01.06 16:40:28 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.27 16:05:13 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.12.27 16:05:13 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.12.23 12:45:32 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013.12.23 12:45:32 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013.12.22 19:31:46 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.12.06 22:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.12.06 21:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.05.21 21:38:50 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013.04.24 07:10:54 | 008,243,144 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013.04.22 19:15:16 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013.04.18 01:02:32 | 005,358,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.04.11 02:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013.04.11 02:13:08 | 000,164,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013.04.03 04:45:05 | 000,128,200 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2013.03.05 01:25:18 | 001,680,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2013.02.27 07:44:22 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013.01.31 15:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.01.31 15:20:10 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013.01.22 19:19:10 | 003,851,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.12.04 21:21:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 21:21:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.12.04 21:21:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.07.26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Program Files\RealTemp_370\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV:64bit: - [2008.05.06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2011.06.02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.5.3: C:\Users\Kuba\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - Extension: Dokumenty Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtsFT] C:\Windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [Facebook Update] C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [NextLive] C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000..\Run: [Spotify Web Helper] C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54C612B2-1AB9-4321-84A5-B4CC220A6F75}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79B1B404-B628-4EAE-A7A9-4567A58D2FB2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.04.06 16:05:38 | 000,000,000 | ---D | M] - F:\autorun -- [ CDFS ]
O32 - AutoRun File - [2002.10.05 22:14:40 | 000,000,066 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{ede52f40-6bcb-11e3-97c2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ede52f40-6bcb-11e3-97c2-806e6f6e6963}\Shell\AutoRun\command - "" = F:\RunGame.exe -- [2002.10.05 22:14:40 | 000,147,456 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.02.18 18:44:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
[2014.02.18 17:12:40 | 000,000,000 | ---D | C] -- C:\FRST
[2014.02.18 17:12:11 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\FRSTLauncher.exe
[2014.02.18 17:11:53 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Kuba\Desktop\FRSTLauncher.exe
[2014.02.18 17:00:34 | 002,152,448 | ---- | C] (Farbar) -- C:\Users\Kuba\Desktop\FRST64.exe
[2014.02.18 16:46:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.02.16 14:55:12 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\LogMeIn Hamachi
[2014.02.16 14:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014.02.16 14:54:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014.02.14 16:02:07 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.14 16:01:27 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.14 16:01:27 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.14 16:01:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.14 16:01:27 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.14 16:01:26 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.14 16:01:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.14 16:01:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.14 16:01:25 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.14 16:01:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.14 16:01:25 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.14 16:01:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.14 16:01:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.14 16:01:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.14 16:01:24 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.14 16:01:24 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.14 16:01:24 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.14 16:01:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.14 16:01:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.14 16:01:23 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.14 16:01:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.14 16:01:21 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.14 16:01:21 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.14 16:01:19 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.14 07:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.14 07:32:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.14 07:32:31 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.14 07:32:30 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.14 07:32:30 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.14 07:32:30 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.14 07:32:30 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.14 07:32:30 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.14 07:32:30 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.14 07:32:30 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.14 07:32:29 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.14 07:32:29 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.14 07:32:29 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.14 07:32:29 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.14 07:32:29 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.14 07:32:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.14 07:32:29 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.14 07:32:28 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.14 07:32:28 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.14 07:32:21 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.14 07:32:21 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014.02.12 10:25:38 | 000,000,000 | ---D | C] -- C:\Users\Kuba\.android
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\genienext
[2014.02.12 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\cache
[2014.02.12 10:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Mobogenie
[2014.02.12 10:25:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Mobogenie
[2014.02.12 10:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.02.18 18:47:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.18 18:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL (1).exe
[2014.02.18 18:43:12 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.18 18:43:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.18 17:12:21 | 000,015,327 | ---- | M] () -- C:\Users\Kuba\Desktop\LM.bat
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Kuba\Desktop\FRSTLauncher.exe
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
[2014.02.18 17:04:20 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.18 17:00:56 | 002,152,448 | ---- | M] (Farbar) -- C:\Users\Kuba\Desktop\FRST64.exe
[2014.02.18 16:35:56 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.02.18 16:35:29 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.02.18 16:35:29 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.02.18 16:35:29 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.18 16:35:29 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.02.18 16:35:29 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.02.18 16:35:28 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.02.18 16:26:46 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.18 16:26:46 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.18 16:25:47 | 001,588,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.18 16:25:47 | 000,670,192 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.18 16:25:47 | 000,655,518 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.18 16:25:47 | 000,142,304 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.18 16:25:47 | 000,122,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.18 16:19:31 | 2320,642,048 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.18 12:23:09 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\DLL-Files FixerASKUSER.job
[2014.02.18 10:12:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
[2014.02.17 19:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.15 10:20:19 | 000,025,818 | ---- | M] () -- C:\kachna.jpg
[2014.02.14 16:06:15 | 001,563,728 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.12 23:19:26 | 001,474,713 | ---- | M] () -- C:\steven_gerrard_by_bredesen-d5fcj2y.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.18 18:47:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.18 17:12:21 | 000,015,327 | ---- | C] () -- C:\Users\Kuba\Desktop\LM.bat
[2014.02.15 10:20:19 | 000,025,818 | ---- | C] () -- C:\kachna.jpg
[2014.02.12 23:19:26 | 001,474,713 | ---- | C] () -- C:\steven_gerrard_by_bredesen-d5fcj2y.jpg
[2014.01.20 20:49:13 | 000,000,483 | ---- | C] () -- C:\Windows\eReg.dat
[2014.01.17 11:08:31 | 000,000,741 | ---- | C] () -- C:\Users\Kuba\AppData\Local\recently-used.xbel
[2014.01.05 10:23:08 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.12.28 13:50:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.12.28 13:48:18 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.12.28 13:48:18 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.12.28 13:48:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.12.23 13:23:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.12.23 12:44:40 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.12.21 23:50:18 | 001,563,728 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.21 23:43:01 | 000,921,665 | ---- | C] () -- C:\Windows\SysWow64\msvcrt-ruby18.dll
[2013.12.21 23:43:01 | 000,271,264 | ---- | C] () -- C:\Windows\SysWow64\vbrun100.dll
[2013.12.21 23:43:01 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2013.12.21 23:43:01 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\pythonw.exe
[2013.12.21 23:43:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\python.exe
[2013.12.21 23:43:01 | 000,020,537 | ---- | C] () -- C:\Windows\SysWow64\rubyw.exe
[2013.12.21 23:43:01 | 000,020,536 | ---- | C] () -- C:\Windows\SysWow64\ruby.exe
[2013.12.06 22:38:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.12.06 22:38:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.06.19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.02.11 18:10:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.ACEStream
[2014.02.02 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ACEStream
[2014.02.16 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Audacity
[2013.12.27 16:06:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\AVAST Software
[2014.01.18 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2014.01.05 10:22:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dll-files.com
[2013.12.22 19:18:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2014.02.07 12:12:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Guitar Pro 6
[2013.12.23 13:31:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Lenovo
[2013.12.24 20:04:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\LSC
[2014.02.18 17:00:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2013.12.22 19:21:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Opera Software
[2014.02.18 16:48:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Spotify
[2014.01.18 14:53:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\SystemRequirementsLab
[2014.02.16 14:06:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,027,124 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(13).TXT
[2009.07.14 06:08:49 | 000,032,600 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.12.24 18:37:56 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.12.24 18:38:10 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.05 10:22:54 | 000,000,274 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014.01.05 10:22:55 | 000,000,290 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
[2014.01.05 10:23:24 | 000,000,282 | ---- | C] () -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job
[2014.02.04 19:07:08 | 000,000,902 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.04 19:07:09 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.15 04:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.15 04:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.15 04:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.15 04:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.15 04:39:25 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.15 04:37:08 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.15 04:39:25 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.15 04:37:08 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010.12.15 04:40:30 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2010.12.15 04:40:30 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.12.15 04:39:25 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.12.15 04:39:25 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\*.tmp files -> C:\Windows\inf\Intel Storage Counters\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0000\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0005\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0005\*.tmp -> ]
[1 C:\Windows\inf\Intel Storage Counters\0009\*.tmp files -> C:\Windows\inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[178 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.02.11 18:10:36 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.ACEStream
[2014.02.02 14:21:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ACEStream
[2014.01.14 15:43:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Adobe
[2013.12.28 13:49:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ATI
[2014.02.16 21:23:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Audacity
[2013.12.27 16:06:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\AVAST Software
[2014.01.18 14:12:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2014.01.05 10:22:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\dll-files.com
[2013.12.22 19:18:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GHISLER
[2014.02.07 12:12:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Guitar Pro 6
[2013.12.21 23:57:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Identities
[2013.12.23 13:19:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\InstallShield
[2013.12.22 00:00:59 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Intel
[2013.12.23 13:17:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Intel Corporation
[2013.12.23 13:31:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Lenovo
[2013.12.24 20:04:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\LSC
[2013.12.23 13:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Macromedia
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Media Center Programs
[2014.01.18 14:20:50 | 000,000,000 | --SD | M] -- C:\Users\Kuba\AppData\Roaming\Microsoft
[2014.02.18 17:00:53 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\newnext.me
[2013.12.22 19:21:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Opera Software
[2014.02.16 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Skype
[2014.02.18 16:48:12 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Spotify
[2014.01.18 14:53:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\SystemRequirementsLab
[2014.02.16 14:06:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2013.12.25 15:13:45 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.02.02 14:21:53 | 000,151,511 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\Uninstall.exe
[2013.08.14 21:40:06 | 000,027,392 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_console.exe
[2013.08.14 21:40:10 | 000,027,904 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_engine.exe
[2013.08.14 21:40:12 | 000,027,904 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\ace_stream.exe
[2011.06.12 14:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\engine\w9xpopen.exe
[2013.07.26 11:36:38 | 000,120,952 | ---- | M] (Innovative Digital Technologies) -- C:\Users\Kuba\AppData\Roaming\ACEStream\player\ace_player.exe
[2013.07.12 17:43:02 | 000,121,976 | ---- | M] (Innovative Digital Technologies) -- C:\Users\Kuba\AppData\Roaming\ACEStream\player\vlc-cache-gen.exe
[2013.03.29 12:18:06 | 000,026,744 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\updater\ace_update.exe
[2011.06.12 14:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\ACEStream\updater\w9xpopen.exe
[2014.01.18 14:20:38 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Kuba\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014.01.17 15:33:29 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{A02153E8-8DF8-42E6-B7BF-D88EEA33565F}\ARPPRODUCTICON.exe
[2014.01.01 09:47:51 | 000,010,134 | R--- | M] () -- C:\Users\Kuba\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.02.04 07:41:51 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\spotify.exe
[2014.02.04 07:41:51 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014.02.04 07:41:50 | 000,603,648 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[2013.12.21 21:00:00 | 000,393,728 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Kuba\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014.02.18 12:23:09 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\DLL-Files FixerASKUSER.job
[2014.02.05 15:33:16 | 000,000,274 | ---- | M] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014.01.25 15:32:15 | 000,000,290 | ---- | M] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
[2014.02.17 19:12:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000Core.job
[2014.02.18 10:12:01 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3297055240-3115464408-3211596143-1000UA.job
[2014.02.18 17:04:20 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.02.18 18:43:12 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.02.18 16:21:44 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
[2014.02.18 17:11:53 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\FRSTLauncher.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.10.28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"Spotify Web Helper" = "C:\Users\Kuba\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" -- [2014.02.04 07:41:50 | 001,171,968 | ---- | M] (Spotify Ltd)
"Facebook Update" = "C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2014.02.04 19:07:05 | 000,138,096 | ---- | M] (Facebook Inc.)
"NextLive" = C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -- [2009.07.14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.02.06 23:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) MD5=5640B4C10682FBC39C86C8C7A8392B5E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.18 18:47:54 | 000,000,512 | ---- | M] () MD5=87CACC7B4B88010E7134C3D5B799EE35 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.09.16 12:38:42 | 009,533,440 | ---- | M] () -- \KUBA\HUDBA\George Harrison\33 and a Third (only)\09 Crackerbox Palace.mp3
[2011.03.01 09:48:00 | 004,644,864 | ---- | M] () -- \KUBA\HUDBA\Paul McCartney\1988-10-31 - Choba B CCCP\11 - Crackin' Up.mp3
[2011.03.01 09:49:28 | 000,992,227 | ---- | M] () -- \KUBA\HUDBA\Paul McCartney\1990-11-05 - Tripping The Live Fantastic\13 - Crackin' Up.mp3
[2014.02.04 20:28:20 | 000,003,072 | ---- | M] () -- \Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2014.02.04 20:28:20 | 000,003,608 | ---- | M] () -- \Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
< *keygen* /s >
[2013.05.09 11:57:27 | 000,066,336 | ---- | M] () -- \CD\guitar pro 6\Keygen\Keygen.rar
[2013.05.09 11:57:50 | 000,070,479 | ---- | M] () -- \CD\guitar pro 6\Keygen\Keygen\keygen.exe
< *loader* /s >
[2010.08.24 17:23:59 | 000,071,008 | ---- | M] () -- \GAMES\Mafia II\pc\PhysXLoader.dll
[2014.02.16 14:34:38 | 000,000,061 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoader.ini
[2014.02.16 14:34:38 | 000,081,920 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.dll
[2014.02.16 14:34:38 | 000,084,764 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.so
[2014.02.16 14:34:38 | 000,001,739 | ---- | M] () -- \GAMES\unreal\UnrealTournament\System\NPLoaderLL_v16b.u
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2002.10.04 09:02:08 | 000,001,952 | ---- | M] () -- \Program Files (x86)\EA SPORTS\FIFA 2003\data\mm\easo\easoDataLoader.js
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.08.22 19:01:28 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014.02.02 11:23:49 | 000,001,537 | ---- | M] () -- \Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91Y73M2P\AdLoader[1].htm
[2014.02.02 11:23:49 | 000,111,438 | ---- | M] () -- \Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWQIG2J0\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2012.02.07 17:37:14 | 000,008,192 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\engine\lib\_win32sysloader.pyd
[2012.07.23 11:11:20 | 000,000,553 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1024\loader.png
[2012.07.23 11:11:20 | 000,000,686 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1280\loader.png
[2012.07.23 11:11:20 | 000,000,686 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1600\loader.png
[2012.07.23 11:11:22 | 000,001,239 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\1920\loader.png
[2012.07.23 11:11:20 | 000,000,453 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\fs\default\800\loader.png
[2012.07.23 11:11:20 | 000,000,477 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 17:37:14 | 000,008,192 | ---- | M] () -- \Users\Kuba\AppData\Roaming\ACEStream\updater\lib\_win32sysloader.pyd
[2013.12.28 12:45:03 | 000,674,976 | ---- | M] () -- \Users\Kuba\Downloads\dontlinkthefile_3danalyzer-v236 - CHIP Downloader.exe
[2013.12.23 14:13:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010.04.29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.04.29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2010.04.29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.04.29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.22 15:46:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2013.12.22 15:46:15 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2013.12.22 15:46:15 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2013.12.22 15:46:15 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2013.12.22 15:46:15 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.12.23 13:06:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.12.23 13:06:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.12.23 13:06:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.12.23 13:06:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.12.23 13:06:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.13 19:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:76650B61
< End of report >
Re: Tisíc hlášení URL:Mal z ničeho nic?
A Extras.txt:
OTL Extras logfile created on: 18.2.2014 18:46:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kuba\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,88 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 37,81% Memory free
5,76 Gb Paging File | 3,55 Gb Available in Paging File | 61,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463,81 Gb Total Space | 139,93 Gb Free Space | 30,17% Space Free | Partition Type: NTFS
Drive F: | 599,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KUBA-PC | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D8038B-62F3-4ED6-8D11-A11466567E26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03760223-6655-4224-B473-803A1247053C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{038E007D-3B2A-4F68-8E1D-96F87DA90315}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{07879A17-8FF4-4F91-B0C7-E186A90CBF1B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0B55F69E-56B7-4B1D-91E0-6FCBDC903A81}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1035A8B6-8670-4F8A-B110-774C5F234856}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{160B1A47-3E2B-4F91-8EBC-FA6752055AB1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1A8AC4D6-67D3-45F9-BE85-3522D47B9E6F}" = lport=445 | protocol=6 | dir=in | app=system |
"{1BBB4959-FB46-4746-B71D-112AFEA97D31}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1E39E61B-CE87-4C9F-993D-931C2606EFEA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{27E413F5-BF1F-415B-8CD1-236DBDE30E7D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2F0AB8FD-7663-4DBC-9A33-946C02278658}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33DA7727-877F-4EA8-B679-13E0CABCE89E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34589816-02DD-4E3F-8930-C4E0551ECC63}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3483CCCC-8D99-44C6-B161-563D5093B972}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3879045D-6282-43E1-A092-CAC29620A4BF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3DC930B1-FE43-4DB6-BFA2-90B81039EFA1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{424C1EFC-B6A5-4B25-BDEF-80B304A6B05B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4728C900-07F2-4C97-957A-307C80798B33}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4A51530F-B549-43FF-8830-D00E1B6AA11B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4B108215-13A5-462E-8A3B-32D20B94BBA9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4B9B5365-F322-4239-B41A-26A423BC105B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C5DDA34-81BD-4989-938C-8A415BC55853}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5163B5E5-B1F8-4450-947B-DE123D1E90B5}" = lport=137 | protocol=17 | dir=in | app=system |
"{55A5ADE3-CC1F-4547-8F33-F84B1E90B93B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5608D541-A500-471A-81C8-65E3AA2B9268}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F21E9A9-99DD-476B-B93F-55ED6E845201}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61918BFB-EAD3-4B12-90D4-DEC7002FE6E4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{66639A4C-B0BD-4794-9C58-CA8FAA823A41}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{70D3475E-220B-4561-BA75-F43CBB1880C9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{72EF9CFF-82E5-46D9-90F4-1D58F03D8048}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{74639728-6029-462C-8B19-D234FC9E19EB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7678A679-052B-44A9-9C96-426648AFA692}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F3C4381-56FA-4DAB-B17A-06267A47F5F5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{82A43ADA-DB24-406B-8325-05E2CCF44BA7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8351CCFB-3A07-42A8-BA7A-2F08E58A081F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{858F8C0E-204C-494F-849B-8EBBBF9AC8A2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{88D23908-260E-40F6-A257-691D970061F1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{89B31387-DE34-4D5C-9C5A-B7F321C0BC93}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8B1E4D61-E264-4418-83A2-C52870FECE06}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8BC4D45C-D750-40EC-A5CA-8BEDD075F69F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8E4E3C5D-37B0-4609-AE42-BAFDF54E0428}" = lport=138 | protocol=17 | dir=in | app=system |
"{9231AF95-DE74-4E9B-B63C-E606261868B8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9685AB4D-3758-4FBE-9AE6-13AF05A81A12}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A38571C0-6CFF-4B2E-B3CC-66AB966DDB37}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{AB1490ED-DBE8-40E6-A001-A7B66254CFBE}" = rport=139 | protocol=6 | dir=out | app=system |
"{AB43EB49-EAD3-44C0-BBF6-6EDA3291FCFF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{AD309C87-2611-44AA-9848-ECC22D11AD88}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B4645934-46A6-4D4B-B7D0-FD25269EE644}" = rport=137 | protocol=17 | dir=out | app=system |
"{BAE1AD01-657C-4897-B88F-E7D59A7608F4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BD2AE904-B698-4B96-963B-EF36029DD796}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BF7E8FBF-9A5A-4AB9-B55F-CBF06179C20A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C1F6DCB8-5705-4A55-AD83-2EC747727095}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2399DD1-3315-4AAB-B3C5-5273507B8A6A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C9549069-EDBD-4FB1-9A6E-46350CAC57F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCADA56D-9FD6-4C91-9132-A698D78B2A55}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CF9E4E38-82A7-414D-B99E-C1AF9C31FEF6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D29F623A-E2CD-4C89-B9F7-732F2F22E356}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D621F081-8004-4CDB-92DA-AA86C2F462E5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DA14EF9F-2571-46D0-AC92-AE4FC636C9EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DBDDA2DA-A36E-4ACA-AE72-C3DB78A9DC96}" = rport=138 | protocol=17 | dir=out | app=system |
"{DD54EC48-28F5-4F5B-B453-D0161B39B158}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E540C5B5-3CDF-4B31-AAC7-07712CA35556}" = lport=139 | protocol=6 | dir=in | app=system |
"{EC8DF491-1E88-4D43-80D1-2C068D90B7DD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EF9EC1BC-59FC-4B3D-BF80-40F657D3C451}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F8A53B48-D7B4-4157-8E5D-076ACA7F5DCC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FCC6F48E-BAB0-48AA-9E83-014A948860E9}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1137F97F-AC5C-49F9-95DD-AA393394B348}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{119F9159-59B5-4457-8463-0387A67EBEEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C42B65C-1B94-4D94-AB71-1E5990CCDCEF}" = protocol=6 | dir=out | app=system |
"{1D025A82-53D2-434A-A33C-4A754CBED5C3}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{1EDFDE43-90D5-4398-8528-5D0A13137174}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2576B7B7-CC24-4C3C-9726-38DFC0468617}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2BC40A2E-2799-476E-8028-72766CB17775}" = protocol=58 | dir=in | app=system |
"{2C71C8C0-2192-4DCC-8764-DC3DCACEFC1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{310FDBA5-9C93-4F97-853E-241405951EC5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{3577E2B2-E4BF-48DD-8D4E-EEB2FCB66F53}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{35C25EBD-4437-4148-977E-AF69C8966296}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3738C05C-FAEC-4302-AF41-5D1C304BBCE0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\coflaunchapp.exe |
"{3B6952AE-22C7-4B62-82C4-06FC43777711}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4340BABA-0CBA-40DA-BC9C-10F21DD3804A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{44B74A4C-99D5-4B99-8074-99B9D489261D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\coflaunchapp.exe |
"{4817E958-5132-46D9-8613-549AB5BDBDAB}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{4EB12270-8F1C-45B2-9BE3-9AE0CDF85A3F}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{50CCDD81-312B-42B8-90AE-B82290672EB8}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{540A7DCE-6137-4C20-A895-F10613BB79CB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{54A6D0AB-C0A2-4BF4-A9EB-5BBEB200E2B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{54D2432D-6296-47DC-BF36-E8E04F6DC0FE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A8FA925-9349-4DC8-92FA-2E0C850BFC8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6780380D-55F1-4739-9369-4479483F049D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{86C3AFCA-24A6-4153-907C-889CF676F64E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8864A1BD-8910-46FD-AEE3-477B53BD09D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E3C05F9-1ADA-4CCE-904E-25C94A797252}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92A463BF-CBE3-4162-9899-C4FD0171A63D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{956B1B46-EF0B-417E-A260-4A561D8CEB4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9C8B7967-D52D-4C9B-AF75-9BCB29775412}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\utorrent\utorrent.exe |
"{A9E421A2-8EA2-4E81-9C9F-9A64AC60A616}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\acestream\engine\ace_engine.exe |
"{AC02B900-6B67-4CCE-A989-35DA9F769B58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2D7136A-E3DB-4BF7-BFC3-B6C48236C3FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B3CF57F9-D7CD-46AB-8DDD-959AF6EC5FDC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B6F227B7-6988-402C-A87D-D607CEF284E9}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{B807A8F8-0943-4990-92C9-A09A8C96FACE}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{BDC577AD-449B-4AB6-9076-9F4D718C4256}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C2D0DDB3-800B-4662-BFDD-CA8F23D03EC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C36D1CD4-79EF-4BED-A3F3-7EE4CE5487A2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D6D49105-1FB0-4B01-8CC0-8ACB98E71B67}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\acestream\engine\ace_engine.exe |
"{DBECAD02-E0E1-43F8-9AF0-73ED974D3012}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{E4039C45-7E34-41C8-87E7-2C7A2A23F9AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC85DB03-2C7E-4D30-965C-0D27DDFD4E39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F316E62C-E457-460E-ADC0-71255CE528C2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FAC09BF1-9E9E-4FB0-AF2D-1EEBE5E7ABBD}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{0618130D-9957-40CD-B733-130213E3D816}C:\games\unreal\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\games\unreal\unrealtournament\system\unrealtournament.exe |
"TCP Query User{1D4A370C-329A-44F5-8212-4A8EA24E6E89}C:\users\kuba\downloads\bulanci.exe" = protocol=6 | dir=in | app=c:\users\kuba\downloads\bulanci.exe |
"TCP Query User{80CB6694-C3BE-417A-A37F-A1989F59B0EA}C:\games\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\games\fifa 13\game\fifa13.exe |
"TCP Query User{9AD68B0B-AD2A-4D7E-AC2C-D82FB920C879}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{A86B08E9-CD84-40EA-98E5-02C03E49ECF4}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe |
"TCP Query User{A8AA8E0A-47B5-4D2C-B3DD-08D1AA29354D}C:\games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"UDP Query User{005D6B12-42A2-4679-819F-728237C3B883}C:\games\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\games\fifa 13\game\fifa13.exe |
"UDP Query User{0FC9A1A1-D23E-471C-A414-1254079D7C14}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{1A504628-2BCE-4C99-8191-88DA53083F8F}C:\games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"UDP Query User{2962B57A-67FA-40FC-A7FF-187104FC12AC}C:\users\kuba\downloads\bulanci.exe" = protocol=17 | dir=in | app=c:\users\kuba\downloads\bulanci.exe |
"UDP Query User{C25AC6CE-1EE5-4D25-837B-8152D79348B9}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe |
"UDP Query User{D7353DE7-EDE9-4C1D-862C-C31EBD0428FF}C:\games\unreal\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\games\unreal\unrealtournament\system\unrealtournament.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EAE3FBF-E39F-4B65-ACEE-560A16CD1F44}" = Intel(R) PROSet/Wireless WiFi Software Driver
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7629623D-F0D0-4AC6-A763-FBE06ED8288C}" = Intel(R) Rapid Storage Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE94ACBF-D190-794D-45FF-AD02B6E84A9D}" = AMD Wireless Display v3.0
"{B0169FD6-8590-451E-AEFF-A6253C0A850C}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}" = AMD Catalyst Install Manager
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}" = Lenovo Solution Center
"{E7EBB2A5-8C76-4C16-95A3-2FC74BEDE270}" = Intel® PROSet/Wireless WiFi Software
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Balíček ovladače systému Windows - Lenovo LenovoVhid (06/19/2012 10.13.29.733)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = Lenovo pointing device
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{12E83A6C-62D6-4893-0093-FB396C480F7B}" = FIFA 2003 Demo
"{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}" = Adobe Flash Player 10 ActiveX
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35FF3213-7FDE-C7F7-246F-D5A567C40402}" = Catalyst Control Center InstallProxy
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A1DC8D4-9FA4-43C3-00B3-5993B4BBE7D4}" = FIFA 2003
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e6d17d96-ddaa-476f-bb07-db601024ffb1}" = Intel® PROSet/Wireless Software
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Uživatelská příručka
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.5
"Avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dll-Files Fixer_is1" = Dll-Files Fixer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FIFA 13 CZ_is1" = FIFA 13 v1.0
"Google Chrome" = Google Chrome
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"LogMeIn Hamachi" = LogMeIn Hamachi
"Opera 19.0.1326.56" = Opera Stable 19.0.1326.56
"SopCast" = SopCast 3.8.3
"Steam App 223710" = Cry of Fear
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AceStream" = Ace Stream Media 2.1.5.3
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.2.2014 16:31:10 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 12.2.2014 12:05:11 | Computer Name = Kuba-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: KMPProcess.exe, verze: 1.0.1.2, časové razítko:
0x51d50ca2 Název chybujícího modulu: PanStreamer.dll, verze: 2.0.7.38, časové razítko:
0x509c8e1f Kód výjimky: 0xc0000005 Posun chyby: 0x0001dc74 ID chybujícího procesu:
0xf7c Čas spuštění chybující aplikace: 0x01cf28079dc5dcab Cesta k chybující aplikaci:
C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\PANDORA.TV\PanService\PanStreamer.dll ID zprávy: 730e6669-93ff-11e3-b313-48d22498994e
Error - 12.2.2014 22:55:40 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 13.2.2014 11:06:46 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 14.2.2014 11:13:36 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 14.2.2014 23:38:23 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 16.2.2014 3:14:57 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 16.2.2014 17:32:33 | Computer Name = Kuba-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmprph.exe, verze: 12.0.7600.16385, časové
razítko: 0x4a5bd018 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000004e4e4
ID
chybujícího procesu: 0x18f0 Čas spuštění chybující aplikace: 0x01cf2b5e99579e45 Cesta
k chybující aplikaci: C:\Program Files\Windows Media Player\wmprph.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: d80c84ed-9751-11e3-8f26-48d22498994e
Error - 17.2.2014 3:23:10 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 18.2.2014 8:37:08 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
[ System Events ]
Error - 2.2.2014 17:50:46 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 2.2.2014 17:50:46 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 4.2.2014 5:10:33 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 4.2.2014 5:10:37 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 4.2.2014 5:10:37 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 4.2.2014 5:13:17 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 4.2.2014 5:13:17 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 16.2.2014 9:55:00 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 16.2.2014 9:55:04 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 16.2.2014 9:55:04 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
< End of report >
OTL Extras logfile created on: 18.2.2014 18:46:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kuba\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,88 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 37,81% Memory free
5,76 Gb Paging File | 3,55 Gb Available in Paging File | 61,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463,81 Gb Total Space | 139,93 Gb Free Space | 30,17% Space Free | Partition Type: NTFS
Drive F: | 599,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KUBA-PC | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
[HKEY_USERS\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D8038B-62F3-4ED6-8D11-A11466567E26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03760223-6655-4224-B473-803A1247053C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{038E007D-3B2A-4F68-8E1D-96F87DA90315}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{07879A17-8FF4-4F91-B0C7-E186A90CBF1B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0B55F69E-56B7-4B1D-91E0-6FCBDC903A81}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1035A8B6-8670-4F8A-B110-774C5F234856}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{160B1A47-3E2B-4F91-8EBC-FA6752055AB1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1A8AC4D6-67D3-45F9-BE85-3522D47B9E6F}" = lport=445 | protocol=6 | dir=in | app=system |
"{1BBB4959-FB46-4746-B71D-112AFEA97D31}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1E39E61B-CE87-4C9F-993D-931C2606EFEA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{27E413F5-BF1F-415B-8CD1-236DBDE30E7D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2F0AB8FD-7663-4DBC-9A33-946C02278658}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33DA7727-877F-4EA8-B679-13E0CABCE89E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34589816-02DD-4E3F-8930-C4E0551ECC63}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3483CCCC-8D99-44C6-B161-563D5093B972}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3879045D-6282-43E1-A092-CAC29620A4BF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3DC930B1-FE43-4DB6-BFA2-90B81039EFA1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{424C1EFC-B6A5-4B25-BDEF-80B304A6B05B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4728C900-07F2-4C97-957A-307C80798B33}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4A51530F-B549-43FF-8830-D00E1B6AA11B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4B108215-13A5-462E-8A3B-32D20B94BBA9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4B9B5365-F322-4239-B41A-26A423BC105B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C5DDA34-81BD-4989-938C-8A415BC55853}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5163B5E5-B1F8-4450-947B-DE123D1E90B5}" = lport=137 | protocol=17 | dir=in | app=system |
"{55A5ADE3-CC1F-4547-8F33-F84B1E90B93B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5608D541-A500-471A-81C8-65E3AA2B9268}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F21E9A9-99DD-476B-B93F-55ED6E845201}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61918BFB-EAD3-4B12-90D4-DEC7002FE6E4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{66639A4C-B0BD-4794-9C58-CA8FAA823A41}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{70D3475E-220B-4561-BA75-F43CBB1880C9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{72EF9CFF-82E5-46D9-90F4-1D58F03D8048}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{74639728-6029-462C-8B19-D234FC9E19EB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7678A679-052B-44A9-9C96-426648AFA692}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7F3C4381-56FA-4DAB-B17A-06267A47F5F5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{82A43ADA-DB24-406B-8325-05E2CCF44BA7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8351CCFB-3A07-42A8-BA7A-2F08E58A081F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{858F8C0E-204C-494F-849B-8EBBBF9AC8A2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{88D23908-260E-40F6-A257-691D970061F1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{89B31387-DE34-4D5C-9C5A-B7F321C0BC93}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8B1E4D61-E264-4418-83A2-C52870FECE06}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8BC4D45C-D750-40EC-A5CA-8BEDD075F69F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8E4E3C5D-37B0-4609-AE42-BAFDF54E0428}" = lport=138 | protocol=17 | dir=in | app=system |
"{9231AF95-DE74-4E9B-B63C-E606261868B8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9685AB4D-3758-4FBE-9AE6-13AF05A81A12}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A38571C0-6CFF-4B2E-B3CC-66AB966DDB37}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{AB1490ED-DBE8-40E6-A001-A7B66254CFBE}" = rport=139 | protocol=6 | dir=out | app=system |
"{AB43EB49-EAD3-44C0-BBF6-6EDA3291FCFF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{AD309C87-2611-44AA-9848-ECC22D11AD88}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B4645934-46A6-4D4B-B7D0-FD25269EE644}" = rport=137 | protocol=17 | dir=out | app=system |
"{BAE1AD01-657C-4897-B88F-E7D59A7608F4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BD2AE904-B698-4B96-963B-EF36029DD796}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BF7E8FBF-9A5A-4AB9-B55F-CBF06179C20A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C1F6DCB8-5705-4A55-AD83-2EC747727095}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2399DD1-3315-4AAB-B3C5-5273507B8A6A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C9549069-EDBD-4FB1-9A6E-46350CAC57F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CCADA56D-9FD6-4C91-9132-A698D78B2A55}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CF9E4E38-82A7-414D-B99E-C1AF9C31FEF6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D29F623A-E2CD-4C89-B9F7-732F2F22E356}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D621F081-8004-4CDB-92DA-AA86C2F462E5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DA14EF9F-2571-46D0-AC92-AE4FC636C9EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DBDDA2DA-A36E-4ACA-AE72-C3DB78A9DC96}" = rport=138 | protocol=17 | dir=out | app=system |
"{DD54EC48-28F5-4F5B-B453-D0161B39B158}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E540C5B5-3CDF-4B31-AAC7-07712CA35556}" = lport=139 | protocol=6 | dir=in | app=system |
"{EC8DF491-1E88-4D43-80D1-2C068D90B7DD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EF9EC1BC-59FC-4B3D-BF80-40F657D3C451}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F8A53B48-D7B4-4157-8E5D-076ACA7F5DCC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FCC6F48E-BAB0-48AA-9E83-014A948860E9}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1137F97F-AC5C-49F9-95DD-AA393394B348}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{119F9159-59B5-4457-8463-0387A67EBEEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C42B65C-1B94-4D94-AB71-1E5990CCDCEF}" = protocol=6 | dir=out | app=system |
"{1D025A82-53D2-434A-A33C-4A754CBED5C3}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{1EDFDE43-90D5-4398-8528-5D0A13137174}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2576B7B7-CC24-4C3C-9726-38DFC0468617}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2BC40A2E-2799-476E-8028-72766CB17775}" = protocol=58 | dir=in | app=system |
"{2C71C8C0-2192-4DCC-8764-DC3DCACEFC1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{310FDBA5-9C93-4F97-853E-241405951EC5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{3577E2B2-E4BF-48DD-8D4E-EEB2FCB66F53}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{35C25EBD-4437-4148-977E-AF69C8966296}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3738C05C-FAEC-4302-AF41-5D1C304BBCE0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\coflaunchapp.exe |
"{3B6952AE-22C7-4B62-82C4-06FC43777711}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4340BABA-0CBA-40DA-BC9C-10F21DD3804A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{44B74A4C-99D5-4B99-8074-99B9D489261D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\coflaunchapp.exe |
"{4817E958-5132-46D9-8613-549AB5BDBDAB}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{4EB12270-8F1C-45B2-9BE3-9AE0CDF85A3F}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{50CCDD81-312B-42B8-90AE-B82290672EB8}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{540A7DCE-6137-4C20-A895-F10613BB79CB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{54A6D0AB-C0A2-4BF4-A9EB-5BBEB200E2B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{54D2432D-6296-47DC-BF36-E8E04F6DC0FE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A8FA925-9349-4DC8-92FA-2E0C850BFC8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6780380D-55F1-4739-9369-4479483F049D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{86C3AFCA-24A6-4153-907C-889CF676F64E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8864A1BD-8910-46FD-AEE3-477B53BD09D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E3C05F9-1ADA-4CCE-904E-25C94A797252}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92A463BF-CBE3-4162-9899-C4FD0171A63D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{956B1B46-EF0B-417E-A260-4A561D8CEB4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9C8B7967-D52D-4C9B-AF75-9BCB29775412}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\utorrent\utorrent.exe |
"{A9E421A2-8EA2-4E81-9C9F-9A64AC60A616}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\acestream\engine\ace_engine.exe |
"{AC02B900-6B67-4CCE-A989-35DA9F769B58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2D7136A-E3DB-4BF7-BFC3-B6C48236C3FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B3CF57F9-D7CD-46AB-8DDD-959AF6EC5FDC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B6F227B7-6988-402C-A87D-D607CEF284E9}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{B807A8F8-0943-4990-92C9-A09A8C96FACE}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\spotify\spotify.exe |
"{BDC577AD-449B-4AB6-9076-9F4D718C4256}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C2D0DDB3-800B-4662-BFDD-CA8F23D03EC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C36D1CD4-79EF-4BED-A3F3-7EE4CE5487A2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D6D49105-1FB0-4B01-8CC0-8ACB98E71B67}" = protocol=6 | dir=in | app=c:\users\kuba\appdata\roaming\acestream\engine\ace_engine.exe |
"{DBECAD02-E0E1-43F8-9AF0-73ED974D3012}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{E4039C45-7E34-41C8-87E7-2C7A2A23F9AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC85DB03-2C7E-4D30-965C-0D27DDFD4E39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F316E62C-E457-460E-ADC0-71255CE528C2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FAC09BF1-9E9E-4FB0-AF2D-1EEBE5E7ABBD}" = protocol=17 | dir=in | app=c:\users\kuba\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{0618130D-9957-40CD-B733-130213E3D816}C:\games\unreal\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\games\unreal\unrealtournament\system\unrealtournament.exe |
"TCP Query User{1D4A370C-329A-44F5-8212-4A8EA24E6E89}C:\users\kuba\downloads\bulanci.exe" = protocol=6 | dir=in | app=c:\users\kuba\downloads\bulanci.exe |
"TCP Query User{80CB6694-C3BE-417A-A37F-A1989F59B0EA}C:\games\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\games\fifa 13\game\fifa13.exe |
"TCP Query User{9AD68B0B-AD2A-4D7E-AC2C-D82FB920C879}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{A86B08E9-CD84-40EA-98E5-02C03E49ECF4}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe |
"TCP Query User{A8AA8E0A-47B5-4D2C-B3DD-08D1AA29354D}C:\games\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"UDP Query User{005D6B12-42A2-4679-819F-728237C3B883}C:\games\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\games\fifa 13\game\fifa13.exe |
"UDP Query User{0FC9A1A1-D23E-471C-A414-1254079D7C14}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{1A504628-2BCE-4C99-8191-88DA53083F8F}C:\games\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\games\tmnationsforever\tmforever.exe |
"UDP Query User{2962B57A-67FA-40FC-A7FF-187104FC12AC}C:\users\kuba\downloads\bulanci.exe" = protocol=17 | dir=in | app=c:\users\kuba\downloads\bulanci.exe |
"UDP Query User{C25AC6CE-1EE5-4D25-837B-8152D79348B9}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe |
"UDP Query User{D7353DE7-EDE9-4C1D-862C-C31EBD0428FF}C:\games\unreal\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\games\unreal\unrealtournament\system\unrealtournament.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EAE3FBF-E39F-4B65-ACEE-560A16CD1F44}" = Intel(R) PROSet/Wireless WiFi Software Driver
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7629623D-F0D0-4AC6-A763-FBE06ED8288C}" = Intel(R) Rapid Storage Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE94ACBF-D190-794D-45FF-AD02B6E84A9D}" = AMD Wireless Display v3.0
"{B0169FD6-8590-451E-AEFF-A6253C0A850C}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}" = AMD Catalyst Install Manager
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}" = Lenovo Solution Center
"{E7EBB2A5-8C76-4C16-95A3-2FC74BEDE270}" = Intel® PROSet/Wireless WiFi Software
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Balíček ovladače systému Windows - Lenovo LenovoVhid (06/19/2012 10.13.29.733)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = Lenovo pointing device
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{12E83A6C-62D6-4893-0093-FB396C480F7B}" = FIFA 2003 Demo
"{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}" = Adobe Flash Player 10 ActiveX
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35FF3213-7FDE-C7F7-246F-D5A567C40402}" = Catalyst Control Center InstallProxy
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A1DC8D4-9FA4-43C3-00B3-5993B4BBE7D4}" = FIFA 2003
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e6d17d96-ddaa-476f-bb07-db601024ffb1}" = Intel® PROSet/Wireless Software
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Uživatelská příručka
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.5
"Avast" = avast! Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dll-Files Fixer_is1" = Dll-Files Fixer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FIFA 13 CZ_is1" = FIFA 13 v1.0
"Google Chrome" = Google Chrome
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"LogMeIn Hamachi" = LogMeIn Hamachi
"Opera 19.0.1326.56" = Opera Stable 19.0.1326.56
"SopCast" = SopCast 3.8.3
"Steam App 223710" = Cry of Fear
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3297055240-3115464408-3211596143-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AceStream" = Ace Stream Media 2.1.5.3
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.2.2014 16:31:10 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 12.2.2014 12:05:11 | Computer Name = Kuba-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: KMPProcess.exe, verze: 1.0.1.2, časové razítko:
0x51d50ca2 Název chybujícího modulu: PanStreamer.dll, verze: 2.0.7.38, časové razítko:
0x509c8e1f Kód výjimky: 0xc0000005 Posun chyby: 0x0001dc74 ID chybujícího procesu:
0xf7c Čas spuštění chybující aplikace: 0x01cf28079dc5dcab Cesta k chybující aplikaci:
C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\PANDORA.TV\PanService\PanStreamer.dll ID zprávy: 730e6669-93ff-11e3-b313-48d22498994e
Error - 12.2.2014 22:55:40 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 13.2.2014 11:06:46 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 14.2.2014 11:13:36 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 14.2.2014 23:38:23 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 16.2.2014 3:14:57 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 16.2.2014 17:32:33 | Computer Name = Kuba-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmprph.exe, verze: 12.0.7600.16385, časové
razítko: 0x4a5bd018 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000004e4e4
ID
chybujícího procesu: 0x18f0 Čas spuštění chybující aplikace: 0x01cf2b5e99579e45 Cesta
k chybující aplikaci: C:\Program Files\Windows Media Player\wmprph.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: d80c84ed-9751-11e3-8f26-48d22498994e
Error - 17.2.2014 3:23:10 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
Error - 18.2.2014 8:37:08 | Computer Name = Kuba-PC | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start
[ System Events ]
Error - 2.2.2014 17:50:46 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 2.2.2014 17:50:46 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 4.2.2014 5:10:33 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 4.2.2014 5:10:37 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 4.2.2014 5:10:37 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 4.2.2014 5:13:17 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 4.2.2014 5:13:17 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 16.2.2014 9:55:00 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7030
Description = Služba LogMeIn Hamachi Tunneling Engine je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.
Error - 16.2.2014 9:55:04 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo
dosaženo časového limitu (30000 ms).
Error - 16.2.2014 9:55:04 | Computer Name = Kuba-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku
následující chyby: %%1053
< End of report >
Re: Tisíc hlášení URL:Mal z ničeho nic?
Chtěl bych se zeptat; neexistuje něco, co bych proti tomu mohl dělat - dva dny nic a teď další poplach, nechápu to.
Re: Tisíc hlášení URL:Mal z ničeho nic?
Omlouvam se, pracovni povinnosti mi nedovolily se sem dostat Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
- Provedte aktualizaci
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Tisíc hlášení URL:Mal z ničeho nic?
Tak zasílám log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.02.25.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Kuba :: KUBA-PC [administrátor]
25.2.2014 19:34:42
MBAM-log-2014-02-25 (20-37-16).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 388364
Uplynulý čas: 1 hodin, 9 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 2
C:\Users\Kuba\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 13
C:\Users\Kuba\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
C:\CD\guitar pro 6\Keygen\Keygen.rar (Malware.Gen) -> Nebyla provedena žádná instrukce.
C:\CD\guitar pro 6\Keygen\Keygen\keygen.exe (Malware.Gen) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FSEUPHP\Mobogenie_Setup_INT[1].exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Temp\dlm2D49.tmp\webcamrecorder_setup.exe (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\dontlinkthefile_3danalyzer-v236 - CHIP Downloader.exe (PUP.Optional.Freemium.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\rcpsetupst_RC1_ZZ_L_1.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\SopCast.zip (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.02.25.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Kuba :: KUBA-PC [administrátor]
25.2.2014 19:34:42
MBAM-log-2014-02-25 (20-37-16).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 388364
Uplynulý čas: 1 hodin, 9 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 2
C:\Users\Kuba\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 13
C:\Users\Kuba\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
C:\CD\guitar pro 6\Keygen\Keygen.rar (Malware.Gen) -> Nebyla provedena žádná instrukce.
C:\CD\guitar pro 6\Keygen\Keygen\keygen.exe (Malware.Gen) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 (PUP.Optional.Installex) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FSEUPHP\Mobogenie_Setup_INT[1].exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Local\Temp\dlm2D49.tmp\webcamrecorder_setup.exe (PUP.Optional.OutBrowse) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\dontlinkthefile_3danalyzer-v236 - CHIP Downloader.exe (PUP.Optional.Freemium.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\rcpsetupst_RC1_ZZ_L_1.exe (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\Downloads\SopCast.zip (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kuba\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
(konec)
Re: Tisíc hlášení URL:Mal z ničeho nic?
Nalezy MBAMu smazte, objevi se log, ten rad uvidim"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Tisíc hlášení URL:Mal z ničeho nic?
Ten log jsem nestihl zkopírovat, protože program chtěl restartovat a já vůl na to kliknul .
Nicméně jsem nálezy smazal, udělal zase důkladnou kontrolu a nebyla nalezena žádná infekce... s počítačem taky problémy nejsou, že by to bylo vše? Přikládám pro jistotu log z poslední kontroly, provedené dnes ráno.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.05.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Kuba :: KUBA-PC [administrátor]
5.3.2014 8:11:55
mbam-log-2014-03-05 (08-11-55).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 400885
Uplynulý čas: 59 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
.Nicméně jsem nálezy smazal, udělal zase důkladnou kontrolu a nebyla nalezena žádná infekce... s počítačem taky problémy nejsou, že by to bylo vše? Přikládám pro jistotu log z poslední kontroly, provedené dnes ráno.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.05.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Kuba :: KUBA-PC [administrátor]
5.3.2014 8:11:55
mbam-log-2014-03-05 (08-11-55).txt
Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 400885
Uplynulý čas: 59 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Tisíc hlášení URL:Mal z ničeho nic?
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
