VIRY.CZ

Tohle mate schvalne?
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (:0) -> NALEZENO

No popravdě já nevím co to je. Nebo k čemu to má být?
Používám program gameranger, který vytváří spojení pro LAN nebo tak něco. Může to mít něco společného s tím?
http://www.gameranger.com/
Pokud ne, tak nevím co by to mohlo být.

Netusim, neznam ten program, takze nevim jak pracuje. kazdopadne pri prvnim skenu to tam nebylo.


Dejte novy log z RSIT

Jinak to PROXY IE můžeme smazat, pokud je to něco nebezpečného.
Na ploše se mi objevily složky oem(jméno účtu) a Počítač... nevím jestli to má na svědomí nějaký program, který jsme spouštěli? Ručně jsem to tam určitě nekopíroval.

********************************************************

Logfile of random's system information tool 1.08 (written by random/random)
Run by oem at 2013-08-26 12:14:02
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 98 GB (16%) free of 610 GB
Total RAM: 4095 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:14:17, on 26.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\oem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1194232425-3671658707-1816436952-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1194232425-3671658707-1816436952-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8903 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2b7573b2-b182-4bf8-8570-2fabba324bab -SystemEventPortName:HostProcess-774c9ade-ae2d-439f-99aa-f888728a8ecc -IoCancelEventPortName:HostProcess-d5a739b3-c170-4d62-83bb-e6157f1deaad -NonStateChangingEventPortName:HostProcess-084d3c7c-c021-452c-a34f-068e1d1fd533 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:72479062-5ae3-46fa-87c4-c9f0e2f9d853 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1426280734-18388096941711681746-1876214070405151515-562304012-945510223-891427936
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {AF098C73-28D6-432E-A3A5-94B8424C14DC}
taskhost.exe $(Arg0)
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\oem\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 132448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-05-18 12489360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-08-24 21:28:14 ----D---- C:\AdwCleaner
2013-08-24 10:58:04 ----D---- C:\Program Files (x86)\StarCraft II
2013-08-24 09:47:28 ----D---- C:\Users\oem\AppData\Roaming\Malwarebytes
2013-08-24 09:46:28 ----D---- C:\ProgramData\Malwarebytes
2013-08-23 13:05:12 ----A---- C:\Windows\wininit.ini
2013-08-22 22:35:31 ----D---- C:\rsit
2013-08-22 22:35:31 ----D---- C:\Program Files\trend micro
2013-08-22 22:20:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-08-18 17:17:05 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-08-18 17:13:42 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-08-18 17:13:42 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-08-18 17:13:42 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-08-18 17:13:42 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-08-18 17:13:42 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-08-18 17:13:42 ----A---- C:\Windows\system32\nvopencl.dll
2013-08-18 17:13:42 ----A---- C:\Windows\system32\nvoglv64.dll
2013-08-18 17:13:42 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-08-18 17:13:42 ----A---- C:\Windows\system32\nvhdap64.dll
2013-08-18 17:13:42 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-08-18 17:13:41 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvinitx.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\NvIFR64.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\NvFBC64.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvdispgenco6432049.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvdispco6432049.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvcuvid.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvcuda.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\nvcompiler.dll
2013-08-18 17:13:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-08-18 17:12:26 ----D---- C:\NVIDIA
2013-08-18 16:55:42 ----D---- C:\NvidiaLogging
2013-08-18 16:54:41 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-08-18 16:54:41 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-08-18 16:54:41 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-08-18 14:36:07 ----D---- C:\Users\oem\AppData\Roaming\Razor
2013-08-17 11:58:55 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-15 19:12:27 ----D---- C:\Program Files (x86)\Razor
2013-08-15 18:49:16 ----D---- C:\KELEVAR
2013-08-14 10:03:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-14 10:03:00 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 10:02:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-14 10:02:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-14 10:02:59 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 10:02:59 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 10:02:58 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-14 10:02:58 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-14 10:02:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-14 10:02:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 10:02:58 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 10:02:58 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 10:02:57 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 10:02:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-14 10:02:55 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 10:02:55 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 10:02:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-14 10:02:54 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 10:02:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-14 10:02:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-14 10:02:52 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 10:02:51 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 10:02:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-14 10:02:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-14 10:02:49 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 10:02:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-14 10:02:47 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 10:02:46 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 10:02:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-14 09:58:13 ----D---- C:\Windows\system32\MRT
2013-08-14 08:00:13 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 08:00:13 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 08:00:13 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 08:00:13 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 08:00:12 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 08:00:12 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 08:00:12 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 08:00:12 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 07:59:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 07:59:57 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 07:59:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 07:59:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 07:59:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 07:59:54 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 07:59:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 07:59:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 07:59:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 07:59:47 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 07:59:47 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 07:59:47 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 07:59:46 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 07:59:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 07:59:42 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 07:59:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 07:59:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 07:59:40 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 07:59:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-13 23:09:49 ----D---- C:\Program Files (x86)\Cinemax
2013-08-12 16:33:28 ----D---- C:\PST
2013-08-03 18:49:30 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll

======List of files/folders modified in the last 1 months======

2013-08-26 12:14:07 ----D---- C:\Windows\Temp
2013-08-26 12:11:21 ----D---- C:\Windows\inf
2013-08-26 12:11:18 ----D---- C:\Windows
2013-08-26 12:10:35 ----D---- C:\Windows\System32
2013-08-26 12:10:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-26 12:09:22 ----D---- C:\Windows\system32\config
2013-08-26 12:05:46 ----D---- C:\ProgramData\NVIDIA
2013-08-25 17:44:09 ----D---- C:\Program Files (x86)\MANAWYDAN
2013-08-25 17:43:55 ----D---- C:\Users\oem\AppData\Roaming\ICQ
2013-08-25 17:41:09 ----D---- C:\Windows\SoftwareDistribution
2013-08-25 16:21:45 ----D---- C:\Users\oem\AppData\Roaming\vlc
2013-08-25 11:23:19 ----D---- C:\Windows\system32\drivers
2013-08-25 08:54:19 ----SHD---- C:\Windows\Installer
2013-08-25 08:53:46 ----D---- C:\Windows\SysWOW64
2013-08-24 21:26:57 ----RD---- C:\Program Files (x86)
2013-08-24 10:50:36 ----D---- C:\Windows\system32\Tasks
2013-08-24 09:46:28 ----HD---- C:\ProgramData
2013-08-23 13:09:53 ----D---- C:\Windows\Prefetch
2013-08-23 13:05:14 ----SD---- C:\ProgramData\Microsoft
2013-08-22 22:35:31 ----RD---- C:\Program Files
2013-08-22 22:29:17 ----D---- C:\Windows\system32\drivers\etc
2013-08-21 08:48:49 ----D---- C:\Windows\system32\catroot2
2013-08-20 22:36:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-20 09:28:27 ----SHD---- C:\System Volume Information
2013-08-18 17:17:05 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-08-18 17:16:15 ----D---- C:\Windows\system32\DriverStore
2013-08-18 17:16:15 ----D---- C:\Windows\system32\catroot
2013-08-18 16:55:42 ----D---- C:\ProgramData\NVIDIA Corporation
2013-08-18 16:55:34 ----RSD---- C:\Windows\assembly
2013-08-18 16:55:04 ----D---- C:\Program Files\NVIDIA Corporation
2013-08-17 22:14:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-15 18:50:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-15 11:47:12 ----D---- C:\Windows\rescache
2013-08-14 21:48:10 ----D---- C:\Windows\Panther
2013-08-14 21:48:06 ----D---- C:\Windows\debug
2013-08-14 15:30:36 ----D---- C:\Windows\Microsoft.NET
2013-08-14 12:35:20 ----D---- C:\Windows\winsxs
2013-08-14 12:33:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-14 12:33:01 ----D---- C:\Windows\system32\cs-CZ
2013-08-14 12:32:59 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-14 12:32:58 ----D---- C:\Program Files\Internet Explorer
2013-08-14 12:32:57 ----D---- C:\Windows\AppPatch
2013-08-14 09:58:08 ----A---- C:\Windows\system32\MRT.exe
2013-08-13 23:36:40 ----D---- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
2013-08-04 12:01:30 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-14 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-05-22 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-05-22 43680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-05-22 4052496]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-05-14 39712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 61280]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14984480]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-30 76888]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-01-15 45056]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-06-07 543656]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 30.8.2013 19:32:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\oem\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,99 Gb Available Physical Memory | 74,84% Memory free
8,00 Gb Paging File | 6,97 Gb Available in Paging File | 87,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 96,15 Gb Free Space | 16,13% Space Free | Partition Type: NTFS
Drive D: | 7,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: BARBONE | User Name: oem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.08.27 19:16:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
PRC - [2013.07.27 10:36:26 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.30 21:32:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.02.28 10:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.02.28 10:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2013.07.27 10:50:22 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.02.28 10:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.08.20 22:36:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.17 11:59:01 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.27 10:36:26 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.05.30 21:32:31 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.15 19:50:21 | 000,045,056 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.05.22 14:32:13 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.05.22 14:32:12 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.05.14 21:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.05.14 19:02:00 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.28 10:36:34 | 000,177,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.02.28 10:36:34 | 000,068,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.02.28 10:36:33 | 001,025,880 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.02.28 10:36:33 | 000,377,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.02.28 10:36:33 | 000,071,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.02.28 10:36:33 | 000,065,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.02.28 10:36:32 | 000,080,888 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.02.28 10:36:31 | 000,033,472 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.29 11:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.08.05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0AA71A99-E0E9-4AC0-9E32-7B23A9026E21}
IE:64bit: - HKLM\..\SearchScopes\{0AA71A99-E0E9-4AC0-9E32-7B23A9026E21}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9EBFD759-F8D9-4507-B72B-6D7801B645BB}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.tsbohemia.cz [binary data]
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.tsbohemia.cz [binary data]
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

IE - HKU\S-1-5-21-1194232425-3671658707-1816436952-1001\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.07 14:44:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.25 08:54:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.08.25 08:54:08 | 000,000,000 | ---D | M]

[2012.08.16 09:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\oem\AppData\Roaming\Mozilla\Extensions
[2013.08.27 22:31:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\wm7wa2if.default\extensions
[2013.08.27 22:31:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\wm7wa2if.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.08.17 11:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.08.17 11:59:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013.08.25 11:20:27 | 000,000,741 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1194232425-3671658707-1816436952-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1194232425-3671658707-1816436952-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 [2013.08.21 10:38:29 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2013.08.21 10:42:11 | 000,000,000 | ---D | M]
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C38B77AC-627A-46EF-BD12-66B5BE814DAD}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.25 01:34:11 | 000,000,046 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{29af4dc7-e6c2-11e1-8d49-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{29af4dc7-e6c2-11e1-8d49-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- [2010.05.25 01:34:11 | 002,505,256 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.08.27 19:16:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2013.08.25 10:58:53 | 000,000,000 | ---D | C] -- C:\Users\oem\Desktop\RK_Quarantine
[2013.08.24 21:28:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.08.24 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2013.08.24 09:47:28 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Roaming\Malwarebytes
[2013.08.24 09:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.08.22 22:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.08.22 22:35:31 | 000,000,000 | ---D | C] -- C:\rsit
[2013.08.22 22:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.08.21 10:38:15 | 000,000,000 | ---D | C] -- C:\Users\oem\Desktop\3
[2013.08.21 10:38:09 | 000,000,000 | ---D | C] -- C:\Users\oem\Desktop\2
[2013.08.21 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\oem\Desktop\1
[2013.08.18 17:17:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.08.18 17:13:42 | 027,781,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.08.18 17:13:42 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.08.18 17:13:42 | 013,411,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.08.18 17:13:42 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.08.18 17:13:42 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.08.18 17:13:42 | 000,925,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.08.18 17:13:42 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.08.18 17:13:42 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.08.18 17:13:42 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.08.18 17:13:42 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.08.18 17:13:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.08.18 17:13:41 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.08.18 17:13:41 | 015,144,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.08.18 17:13:41 | 009,239,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.08.18 17:13:41 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.08.18 17:13:41 | 002,953,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.08.18 17:13:41 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.08.18 17:13:41 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.08.18 17:13:41 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.08.18 17:13:41 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432049.dll
[2013.08.18 17:13:41 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432049.dll
[2013.08.18 17:13:41 | 000,572,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.08.18 17:13:41 | 000,570,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.08.18 17:13:41 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.08.18 17:13:41 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.08.18 17:13:41 | 000,266,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.08.18 17:13:41 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.08.18 17:12:26 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.08.18 16:56:08 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Local\NVIDIA
[2013.08.18 16:55:42 | 000,000,000 | ---D | C] -- C:\NvidiaLogging
[2013.08.18 16:54:41 | 000,039,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.08.18 16:54:41 | 000,029,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.08.18 16:54:41 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.08.18 14:36:07 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Roaming\Razor
[2013.08.18 14:21:24 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Razor
[2013.08.17 11:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.08.15 20:02:47 | 000,000,000 | ---D | C] -- C:\Users\oem\Documents\EA Games
[2013.08.15 19:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor
[2013.08.15 19:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razor
[2013.08.15 18:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2013.08.15 18:49:16 | 000,000,000 | ---D | C] -- C:\KELEVAR
[2013.08.14 10:03:01 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.08.14 10:03:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.08.14 10:02:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.08.14 10:02:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.08.14 10:02:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.08.14 10:02:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.08.14 10:02:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.08.14 10:02:58 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.08.14 10:02:58 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.08.14 10:02:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.08.14 10:02:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.08.14 10:02:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.08.14 10:02:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.08.14 10:02:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.08.14 10:02:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.08.14 09:58:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.08.14 08:00:13 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.08.14 08:00:13 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.08.14 08:00:12 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.08.14 07:59:55 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.14 07:59:55 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.08.14 07:59:54 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.08.14 07:59:52 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.08.14 07:59:50 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.08.14 07:59:50 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.08.14 07:59:47 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.14 07:59:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.14 07:59:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.08.14 07:59:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.08.14 07:59:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.08.14 07:59:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.08.14 07:59:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.08.13 23:18:36 | 000,000,000 | ---D | C] -- C:\Users\oem\Documents\Inquisitor_SaveGames
[2013.08.13 23:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinemax
[2013.08.12 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\oem\Documents\Diablo III
[2013.08.12 16:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Isle
[2013.08.12 16:33:28 | 000,000,000 | ---D | C] -- C:\PST
[2013.08.03 18:49:30 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.08.30 19:35:05 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.30 19:33:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.30 15:23:02 | 000,851,933 | ---- | M] () -- C:\Users\oem\Desktop\7535437.jpg
[2013.08.30 15:22:19 | 000,983,807 | ---- | M] () -- C:\Users\oem\Desktop\7535157.jpg
[2013.08.30 15:18:59 | 000,547,198 | ---- | M] () -- C:\Users\oem\Desktop\5944552.jpg
[2013.08.30 15:18:21 | 000,772,792 | ---- | M] () -- C:\Users\oem\Desktop\7605133.jpg
[2013.08.30 15:17:50 | 000,021,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.30 15:17:50 | 000,021,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.30 15:15:57 | 000,465,238 | ---- | M] () -- C:\Users\oem\Desktop\6503047.jpg
[2013.08.30 15:15:00 | 000,364,477 | ---- | M] () -- C:\Users\oem\Desktop\6503132.jpg
[2013.08.30 15:14:58 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.08.30 15:14:58 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.08.30 15:14:58 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.08.30 15:14:58 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.08.30 15:14:58 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.08.30 15:14:38 | 000,426,356 | ---- | M] () -- C:\Users\oem\Desktop\6503135.jpg
[2013.08.30 15:14:03 | 000,344,366 | ---- | M] () -- C:\Users\oem\Desktop\6503120.jpg
[2013.08.30 15:12:52 | 000,407,363 | ---- | M] () -- C:\Users\oem\Desktop\7602434.jpg
[2013.08.30 15:12:30 | 000,563,014 | ---- | M] () -- C:\Users\oem\Desktop\7602435.jpg
[2013.08.30 15:11:55 | 000,468,950 | ---- | M] () -- C:\Users\oem\Desktop\7602429.jpg
[2013.08.30 15:10:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.30 15:10:10 | 3220,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.30 12:06:43 | 000,089,063 | ---- | M] () -- C:\Users\oem\Desktop\7514836.jpg
[2013.08.30 11:26:12 | 000,138,130 | ---- | M] () -- C:\Users\oem\Desktop\1zakazka10.jpg
[2013.08.29 15:38:28 | 000,102,570 | ---- | M] () -- C:\Users\oem\Desktop\7224825.jpg
[2013.08.29 15:38:10 | 000,127,379 | ---- | M] () -- C:\Users\oem\Desktop\7224824.jpg
[2013.08.29 15:37:34 | 000,201,106 | ---- | M] () -- C:\Users\oem\Desktop\7224805.jpg
[2013.08.29 15:34:42 | 000,196,990 | ---- | M] () -- C:\Users\oem\Desktop\6732107.jpg
[2013.08.29 15:34:20 | 000,484,761 | ---- | M] () -- C:\Users\oem\Desktop\6732103.jpg
[2013.08.29 15:33:40 | 000,160,011 | ---- | M] () -- C:\Users\oem\Desktop\6661994.jpg
[2013.08.29 15:33:09 | 000,533,358 | ---- | M] () -- C:\Users\oem\Desktop\6522223.jpg
[2013.08.29 15:32:51 | 000,268,457 | ---- | M] () -- C:\Users\oem\Desktop\6522224.jpg
[2013.08.29 15:32:24 | 000,363,121 | ---- | M] () -- C:\Users\oem\Desktop\7132148.jpg
[2013.08.29 15:18:58 | 000,070,731 | ---- | M] () -- C:\Users\oem\Desktop\7624412.jpg
[2013.08.28 11:51:32 | 000,752,031 | ---- | M] () -- C:\Users\oem\Desktop\aa.jpg
[2013.08.27 19:16:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2013.08.26 22:59:13 | 000,006,245 | ---- | M] () -- C:\Users\oem\Desktop\mworc.jpg
[2013.08.26 22:58:11 | 000,098,413 | ---- | M] () -- C:\Users\oem\Desktop\alchac.jpg
[2013.08.26 20:13:16 | 001,053,120 | ---- | M] () -- C:\Users\oem\Desktop\a9.jpg
[2013.08.26 20:11:44 | 000,984,031 | ---- | M] () -- C:\Users\oem\Desktop\a8.jpg
[2013.08.26 20:10:02 | 001,012,211 | ---- | M] () -- C:\Users\oem\Desktop\a7.jpg
[2013.08.26 20:08:20 | 001,017,491 | ---- | M] () -- C:\Users\oem\Desktop\a6.jpg
[2013.08.26 20:06:51 | 000,991,877 | ---- | M] () -- C:\Users\oem\Desktop\a5.jpg
[2013.08.26 20:04:37 | 000,969,606 | ---- | M] () -- C:\Users\oem\Desktop\a4.jpg
[2013.08.26 20:02:58 | 000,949,187 | ---- | M] () -- C:\Users\oem\Desktop\a3.jpg
[2013.08.26 20:01:24 | 000,992,441 | ---- | M] () -- C:\Users\oem\Desktop\a2.jpg
[2013.08.26 19:59:39 | 000,982,676 | ---- | M] () -- C:\Users\oem\Desktop\a1.jpg
[2013.08.26 13:12:26 | 001,038,329 | ---- | M] () -- C:\Users\oem\Desktop\alchymista3.jpg
[2013.08.26 13:11:07 | 000,921,204 | ---- | M] () -- C:\Users\oem\Desktop\alchymista2.jpg
[2013.08.26 13:09:18 | 000,924,739 | ---- | M] () -- C:\Users\oem\Desktop\alchymista1.jpg
[2013.08.25 17:41:03 | 000,000,180 | ---- | M] () -- C:\Users\oem\Documents\cc_20130825_174101.reg
[2013.08.25 17:40:54 | 000,000,288 | ---- | M] () -- C:\Users\oem\Documents\cc_20130825_174052.reg
[2013.08.25 17:40:42 | 000,010,690 | ---- | M] () -- C:\Users\oem\Documents\cc_20130825_174038.reg
[2013.08.25 11:20:27 | 000,000,741 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.08.25 10:58:09 | 000,923,136 | ---- | M] () -- C:\Users\oem\Desktop\RogueKiller.exe
[2013.08.24 21:27:39 | 000,994,642 | ---- | M] () -- C:\Users\oem\Desktop\adwcleaner.exe
[2013.08.24 11:15:44 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013.08.23 18:03:52 | 000,009,841 | ---- | M] () -- C:\Users\oem\Desktop\nekro2.jpg
[2013.08.23 17:58:35 | 000,049,367 | ---- | M] () -- C:\Users\oem\Desktop\NEKRO.jpg
[2013.08.23 16:47:40 | 000,135,086 | ---- | M] () -- C:\Users\oem\Desktop\obad_hai_by_Geistig.jpg
[2013.08.23 16:47:10 | 000,570,758 | ---- | M] () -- C:\Users\oem\Desktop\2677ff0b0d10c6c4159c9ce71273ab8d-d4slhb7.jpg
[2013.08.23 16:45:02 | 000,135,370 | ---- | M] () -- C:\Users\oem\Desktop\human_wizard_by_saturnoarg-d3kpdus.jpg
[2013.08.23 16:41:37 | 000,122,973 | ---- | M] () -- C:\Users\oem\Desktop\rogue_by_ravenmorgoth-d5zpcvc.jpg
[2013.08.23 16:38:11 | 000,137,503 | ---- | M] () -- C:\Users\oem\Desktop\340a6c774da41f96caf1bf737737ed0a-d6374tc.jpg
[2013.08.23 16:37:24 | 000,059,473 | ---- | M] () -- C:\Users\oem\Desktop\ordo_aquilae_by_thepastart-d573e1k.jpg
[2013.08.23 16:36:25 | 000,113,759 | ---- | M] () -- C:\Users\oem\Desktop\warrior_ii_by_meisl-d5xn9np.jpg
[2013.08.23 13:05:14 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2013.08.20 22:36:08 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.08.20 22:36:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.08.18 18:50:05 | 000,007,418 | ---- | M] () -- C:\Users\oem\Documents\cc_20130818_185002.reg
[2013.08.18 14:21:25 | 000,000,985 | ---- | M] () -- C:\Users\oem\Desktop\Razor.lnk
[2013.08.17 14:36:57 | 000,109,918 | ---- | M] () -- C:\Users\oem\Desktop\ORKMAGE.jpg
[2013.08.16 23:20:10 | 000,034,871 | ---- | M] () -- C:\Users\oem\Desktop\TRP.jpg
[2013.08.16 23:08:24 | 000,214,113 | ---- | M] () -- C:\Users\oem\Desktop\dwarf_slayer_web.jpg
[2013.08.15 19:03:14 | 000,000,923 | ---- | M] () -- C:\Users\oem\Desktop\KelevarClient – zástupce.lnk
[2013.08.15 18:28:33 | 000,897,125 | ---- | M] () -- C:\Users\oem\Desktop\ilshenar.jpg
[2013.08.14 18:33:57 | 000,799,306 | ---- | M] () -- C:\Users\oem\Desktop\zonypvpbarevne.jpg
[2013.08.14 13:35:11 | 000,011,176 | ---- | M] () -- C:\Users\oem\Desktop\ORK.jpg
[2013.08.14 13:32:42 | 000,009,600 | ---- | M] () -- C:\Users\oem\Desktop\fujiwara_1361964801.jpg
[2013.08.14 13:26:36 | 000,138,666 | ---- | M] () -- C:\Users\oem\Desktop\824_max.jpg
[2013.08.14 13:26:25 | 000,131,777 | ---- | M] () -- C:\Users\oem\Desktop\vfvbq7o6.jpg
[2013.08.14 08:17:30 | 014,149,443 | ---- | M] () -- C:\Users\oem\Desktop\333014_101642_albert_hypermarket_33_2013.pdf
[2013.08.12 18:03:39 | 000,000,827 | ---- | M] () -- C:\Users\oem\Desktop\Torment – zástupce.lnk
[2013.08.07 09:39:58 | 027,200,991 | ---- | M] () -- C:\Users\oem\Desktop\rainy-mood.mp3
[2013.08.05 07:17:13 | 018,264,501 | ---- | M] () -- C:\Users\oem\Desktop\326756_101168_albert_hypermarket_31_2013.pdf
[2013.08.04 00:10:19 | 1483,247,616 | ---- | M] () -- C:\Users\oem\Desktop\Star-Trek-Into-Darkness---Do-temnoty---CZtit.avi
[2013.08.03 18:49:30 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.08.30 15:23:02 | 000,851,933 | ---- | C] () -- C:\Users\oem\Desktop\7535437.jpg
[2013.08.30 15:22:18 | 000,983,807 | ---- | C] () -- C:\Users\oem\Desktop\7535157.jpg
[2013.08.30 15:18:58 | 000,547,198 | ---- | C] () -- C:\Users\oem\Desktop\5944552.jpg
[2013.08.30 15:18:21 | 000,772,792 | ---- | C] () -- C:\Users\oem\Desktop\7605133.jpg
[2013.08.30 15:15:56 | 000,465,238 | ---- | C] () -- C:\Users\oem\Desktop\6503047.jpg
[2013.08.30 15:14:59 | 000,364,477 | ---- | C] () -- C:\Users\oem\Desktop\6503132.jpg
[2013.08.30 15:14:38 | 000,426,356 | ---- | C] () -- C:\Users\oem\Desktop\6503135.jpg
[2013.08.30 15:14:02 | 000,344,366 | ---- | C] () -- C:\Users\oem\Desktop\6503120.jpg
[2013.08.30 15:12:51 | 000,407,363 | ---- | C] () -- C:\Users\oem\Desktop\7602434.jpg
[2013.08.30 15:12:30 | 000,563,014 | ---- | C] () -- C:\Users\oem\Desktop\7602435.jpg
[2013.08.30 15:11:53 | 000,468,950 | ---- | C] () -- C:\Users\oem\Desktop\7602429.jpg
[2013.08.30 12:06:41 | 000,089,063 | ---- | C] () -- C:\Users\oem\Desktop\7514836.jpg
[2013.08.30 11:26:12 | 000,138,130 | ---- | C] () -- C:\Users\oem\Desktop\1zakazka10.jpg
[2013.08.29 15:38:27 | 000,102,570 | ---- | C] () -- C:\Users\oem\Desktop\7224825.jpg
[2013.08.29 15:38:09 | 000,127,379 | ---- | C] () -- C:\Users\oem\Desktop\7224824.jpg
[2013.08.29 15:37:33 | 000,201,106 | ---- | C] () -- C:\Users\oem\Desktop\7224805.jpg
[2013.08.29 15:34:42 | 000,196,990 | ---- | C] () -- C:\Users\oem\Desktop\6732107.jpg
[2013.08.29 15:34:19 | 000,484,761 | ---- | C] () -- C:\Users\oem\Desktop\6732103.jpg
[2013.08.29 15:33:39 | 000,160,011 | ---- | C] () -- C:\Users\oem\Desktop\6661994.jpg
[2013.08.29 15:33:08 | 000,533,358 | ---- | C] () -- C:\Users\oem\Desktop\6522223.jpg
[2013.08.29 15:32:50 | 000,268,457 | ---- | C] () -- C:\Users\oem\Desktop\6522224.jpg
[2013.08.29 15:32:23 | 000,363,121 | ---- | C] () -- C:\Users\oem\Desktop\7132148.jpg
[2013.08.29 15:18:55 | 000,070,731 | ---- | C] () -- C:\Users\oem\Desktop\7624412.jpg
[2013.08.28 11:51:32 | 000,752,031 | ---- | C] () -- C:\Users\oem\Desktop\aa.jpg
[2013.08.27 19:20:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.26 22:59:11 | 000,006,245 | ---- | C] () -- C:\Users\oem\Desktop\mworc.jpg
[2013.08.26 22:58:11 | 000,098,413 | ---- | C] () -- C:\Users\oem\Desktop\alchac.jpg
[2013.08.26 20:13:15 | 001,053,120 | ---- | C] () -- C:\Users\oem\Desktop\a9.jpg
[2013.08.26 20:11:44 | 000,984,031 | ---- | C] () -- C:\Users\oem\Desktop\a8.jpg
[2013.08.26 20:10:02 | 001,012,211 | ---- | C] () -- C:\Users\oem\Desktop\a7.jpg
[2013.08.26 20:08:20 | 001,017,491 | ---- | C] () -- C:\Users\oem\Desktop\a6.jpg
[2013.08.26 20:06:51 | 000,991,877 | ---- | C] () -- C:\Users\oem\Desktop\a5.jpg
[2013.08.26 20:04:37 | 000,969,606 | ---- | C] () -- C:\Users\oem\Desktop\a4.jpg
[2013.08.26 20:02:58 | 000,949,187 | ---- | C] () -- C:\Users\oem\Desktop\a3.jpg
[2013.08.26 20:01:24 | 000,992,441 | ---- | C] () -- C:\Users\oem\Desktop\a2.jpg
[2013.08.26 19:58:56 | 000,982,676 | ---- | C] () -- C:\Users\oem\Desktop\a1.jpg
[2013.08.26 13:12:26 | 001,038,329 | ---- | C] () -- C:\Users\oem\Desktop\alchymista3.jpg
[2013.08.26 13:11:07 | 000,921,204 | ---- | C] () -- C:\Users\oem\Desktop\alchymista2.jpg
[2013.08.26 13:09:17 | 000,924,739 | ---- | C] () -- C:\Users\oem\Desktop\alchymista1.jpg
[2013.08.25 17:41:02 | 000,000,180 | ---- | C] () -- C:\Users\oem\Documents\cc_20130825_174101.reg
[2013.08.25 17:40:53 | 000,000,288 | ---- | C] () -- C:\Users\oem\Documents\cc_20130825_174052.reg
[2013.08.25 17:40:41 | 000,010,690 | ---- | C] () -- C:\Users\oem\Documents\cc_20130825_174038.reg
[2013.08.25 10:58:02 | 000,923,136 | ---- | C] () -- C:\Users\oem\Desktop\RogueKiller.exe
[2013.08.24 21:27:21 | 000,994,642 | ---- | C] () -- C:\Users\oem\Desktop\adwcleaner.exe
[2013.08.23 18:03:51 | 000,009,841 | ---- | C] () -- C:\Users\oem\Desktop\nekro2.jpg
[2013.08.23 17:58:35 | 000,049,367 | ---- | C] () -- C:\Users\oem\Desktop\NEKRO.jpg
[2013.08.23 16:47:39 | 000,135,086 | ---- | C] () -- C:\Users\oem\Desktop\obad_hai_by_Geistig.jpg
[2013.08.23 16:47:10 | 000,570,758 | ---- | C] () -- C:\Users\oem\Desktop\2677ff0b0d10c6c4159c9ce71273ab8d-d4slhb7.jpg
[2013.08.23 16:45:02 | 000,135,370 | ---- | C] () -- C:\Users\oem\Desktop\human_wizard_by_saturnoarg-d3kpdus.jpg
[2013.08.23 16:41:37 | 000,122,973 | ---- | C] () -- C:\Users\oem\Desktop\rogue_by_ravenmorgoth-d5zpcvc.jpg
[2013.08.23 16:38:10 | 000,137,503 | ---- | C] () -- C:\Users\oem\Desktop\340a6c774da41f96caf1bf737737ed0a-d6374tc.jpg
[2013.08.23 16:37:24 | 000,059,473 | ---- | C] () -- C:\Users\oem\Desktop\ordo_aquilae_by_thepastart-d573e1k.jpg
[2013.08.23 16:36:24 | 000,113,759 | ---- | C] () -- C:\Users\oem\Desktop\warrior_ii_by_meisl-d5xn9np.jpg
[2013.08.23 13:05:12 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.08.18 18:50:04 | 000,007,418 | ---- | C] () -- C:\Users\oem\Documents\cc_20130818_185002.reg
[2013.08.18 14:21:25 | 000,000,985 | ---- | C] () -- C:\Users\oem\Desktop\Razor.lnk
[2013.08.17 14:36:57 | 000,109,918 | ---- | C] () -- C:\Users\oem\Desktop\ORKMAGE.jpg
[2013.08.16 23:20:10 | 000,034,871 | ---- | C] () -- C:\Users\oem\Desktop\TRP.jpg
[2013.08.16 23:08:23 | 000,214,113 | ---- | C] () -- C:\Users\oem\Desktop\dwarf_slayer_web.jpg
[2013.08.15 19:03:14 | 000,000,923 | ---- | C] () -- C:\Users\oem\Desktop\KelevarClient – zástupce.lnk
[2013.08.15 18:28:30 | 000,897,125 | ---- | C] () -- C:\Users\oem\Desktop\ilshenar.jpg
[2013.08.14 18:33:55 | 000,799,306 | ---- | C] () -- C:\Users\oem\Desktop\zonypvpbarevne.jpg
[2013.08.14 13:35:11 | 000,011,176 | ---- | C] () -- C:\Users\oem\Desktop\ORK.jpg
[2013.08.14 13:32:42 | 000,009,600 | ---- | C] () -- C:\Users\oem\Desktop\fujiwara_1361964801.jpg
[2013.08.14 13:26:35 | 000,138,666 | ---- | C] () -- C:\Users\oem\Desktop\824_max.jpg
[2013.08.14 13:26:23 | 000,131,777 | ---- | C] () -- C:\Users\oem\Desktop\vfvbq7o6.jpg
[2013.08.14 08:17:15 | 014,149,443 | ---- | C] () -- C:\Users\oem\Desktop\333014_101642_albert_hypermarket_33_2013.pdf
[2013.08.12 18:03:39 | 000,000,827 | ---- | C] () -- C:\Users\oem\Desktop\Torment – zástupce.lnk
[2013.08.07 09:38:28 | 027,200,991 | ---- | C] () -- C:\Users\oem\Desktop\rainy-mood.mp3
[2013.08.05 07:16:55 | 018,264,501 | ---- | C] () -- C:\Users\oem\Desktop\326756_101168_albert_hypermarket_31_2013.pdf
[2013.08.03 20:58:16 | 1483,247,616 | ---- | C] () -- C:\Users\oem\Desktop\Star-Trek-Into-Darkness---Do-temnoty---CZtit.avi
[2013.06.16 17:35:46 | 000,045,270 | ---- | C] () -- C:\Users\oem\AppData\Roaming\room_v3.dat
[2013.01.31 00:22:53 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013.01.31 00:22:53 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2013.01.31 00:22:53 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.08.19 16:30:06 | 001,554,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.16 15:35:10 | 000,280,792 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.16 15:35:08 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012.08.16 15:35:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.08.13 23:36:40 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
[2013.07.04 17:26:26 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\fltk.org
[2013.06.19 18:18:58 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\GameRanger
[2013.08.30 19:30:13 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ICQ
[2012.11.05 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\LolClient
[2013.08.18 14:36:07 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Razor
[2013.05.21 14:39:25 | 000,000,000 | -HSD | M] -- C:\Users\oem\AppData\Roaming\wyUpdate AU

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.01.12 22:37:08 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.04.24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.04.24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.07.08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.07 22:07:29 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Adobe
[2013.08.13 23:36:40 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
[2013.07.04 17:26:26 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\fltk.org
[2013.06.19 18:18:58 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\GameRanger
[2013.08.30 19:30:13 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\ICQ
[2012.08.15 12:28:24 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Identities
[2012.11.05 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\LolClient
[2012.08.15 12:30:02 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Macromedia
[2013.08.24 09:47:28 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Malwarebytes
[2010.11.21 11:38:16 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Media Center Programs
[2013.06.07 12:49:17 | 000,000,000 | --SD | M] -- C:\Users\oem\AppData\Roaming\Microsoft
[2012.08.16 09:50:13 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Mozilla
[2012.11.02 00:30:06 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\NVIDIA
[2013.08.18 14:36:07 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Razor
[2013.07.13 19:24:04 | 000,000,000 | RH-D | M] -- C:\Users\oem\AppData\Roaming\SecuROM
[2013.08.30 15:30:05 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\vlc
[2012.08.20 13:10:12 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\WinRAR
[2013.05.21 14:39:25 | 000,000,000 | -HSD | M] -- C:\Users\oem\AppData\Roaming\wyUpdate AU

< %APPDATA%\*.exe /s >
[2013.07.02 21:14:10 | 001,824,928 | ---- | M] (GameRanger Technologies) -- C:\Users\oem\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[2013.05.18 20:44:10 | 000,010,134 | R--- | M] () -- C:\Users\oem\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.30 19:33:31 | 000,000,512 | ---- | M] () MD5=1FA51F9973F9FFBD4CF06DBF10489177 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.05.13 21:20:06 | 304,615,878 | ---- | M] () -- \Users\oem\Downloads\borderlands-2-update-v1-5-0-cracked-přes-MultiLoad.cz\Borderlands.2.Update.V1.5.0.Cracked\Borderlands.2.Update.V1.5.0.Cracked\Borderlands.2.Update.V1.5.0.Cracked.exe

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.07.27 10:39:05 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\ExtensionLoader.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\GFExperience\ExtensionLoader.dll
[2012.09.18 12:35:42 | 000,058,880 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2012.11.13 19:21:08 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2012.11.13 19:22:16 | 000,000,916 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2012.11.13 19:22:10 | 000,000,916 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2012.11.13 19:22:16 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2012.11.13 19:21:02 | 000,002,656 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2012.11.13 19:21:08 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2012.11.13 19:22:40 | 000,000,852 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2012.11.13 19:22:40 | 000,000,852 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2012.11.13 19:22:16 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2012.11.13 19:22:40 | 000,002,868 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2012.11.13 19:21:08 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2012.11.13 19:23:06 | 000,000,876 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2012.11.13 19:23:08 | 000,000,876 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2012.11.13 19:22:16 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2012.11.13 19:21:10 | 000,002,706 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2012.12.17 12:54:52 | 000,000,820 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\INT\GD_Iris_LoaderBUL.int
[2012.12.17 12:54:34 | 000,000,820 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\INT\GD_Iris_LoaderHOT.int
[2013.01.19 14:38:23 | 000,002,656 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\INT\GD_Iris_Population_Loader.int
[2012.11.13 19:21:08 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2012.11.13 19:21:16 | 000,000,856 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2012.11.13 19:21:22 | 000,000,856 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2012.11.13 19:22:16 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2012.11.13 19:21:16 | 000,002,754 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2012.11.13 19:21:08 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2012.11.13 19:23:24 | 000,000,748 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2012.11.13 19:22:40 | 000,000,748 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2012.11.13 19:21:08 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2012.11.13 19:22:16 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2012.11.13 19:21:02 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2012.11.13 19:22:40 | 000,002,636 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2013.04.02 20:05:03 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBadass.KOR
[2013.04.02 20:06:52 | 000,000,728 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBUL.KOR
[2013.04.02 20:05:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderEXP.KOR
[2013.04.02 20:05:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderGUN.KOR
[2013.04.02 20:06:53 | 000,000,728 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderHOT.KOR
[2013.04.02 20:05:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderJET.KOR
[2013.04.02 20:05:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderPWR.KOR
[2013.04.02 20:05:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderRPG.KOR
[2013.04.02 20:05:03 | 000,002,636 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_Population_Loader.KOR
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2012.10.17 13:05:48 | 000,004,418 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2012.10.17 13:05:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2012.10.17 13:05:48 | 000,004,550 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2012.10.17 13:05:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2012.10.17 13:05:48 | 000,004,486 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2012.10.17 13:05:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2012.11.14 23:10:12 | 000,004,418 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\INT\GD_Orchid_Pop_Loader.int
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2012.10.17 13:05:48 | 000,004,558 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2012.10.17 13:05:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2012.10.17 13:05:48 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2012.10.17 13:05:48 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2012.10.17 13:05:48 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2012.10.17 13:05:48 | 000,004,418 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2012.10.17 13:05:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2013.04.02 20:05:04 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBadass.KOR
[2013.04.02 20:05:04 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBoss.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBUL.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderEXP.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderGUN.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderHOT.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderION.KOR
[2013.04.02 20:05:04 | 000,000,228 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderJunk.KOR
[2013.04.02 20:05:04 | 000,000,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPirate.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPWR.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderRPG.KOR
[2013.04.02 20:05:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderWAR.KOR
[2013.04.02 20:05:04 | 000,004,418 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_Loader.KOR
[2013.04.02 20:05:04 | 000,000,216 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_LoaderBoss.KOR
[2013.01.10 11:24:50 | 000,000,892 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Sage\Compat\Localization\ESN\GD_Sage_Pop_Loader.ESN
[2013.01.10 11:24:50 | 000,000,874 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Sage\Compat\Localization\FRA\GD_Sage_Pop_Loader.FRA
[2013.01.10 11:24:50 | 000,000,898 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Sage\Compat\Localization\ITA\GD_Sage_Pop_Loader.ITA
[2013.04.02 20:07:22 | 000,000,866 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\DLC\Sage\Compat\Localization\KOR\GD_Sage_Pop_Loader.KOR
[2012.09.18 12:35:42 | 003,465,909 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2012.09.18 12:35:42 | 000,032,232 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2012.09.18 12:35:42 | 000,001,140 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2012.09.18 12:35:42 | 000,000,504 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2012.09.18 12:35:42 | 000,009,492 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2012.09.18 12:35:42 | 000,001,072 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2012.09.18 12:35:42 | 000,000,518 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2012.09.18 12:35:42 | 000,009,746 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2012.09.18 12:35:42 | 000,001,098 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2012.09.18 12:35:42 | 000,000,514 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2012.09.18 12:35:42 | 000,009,610 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2012.10.15 23:45:00 | 000,001,038 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_BigLoaderTurret.int
[2012.10.17 01:02:04 | 000,000,502 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_LootMidget_LoaderGUN.int
[2012.10.28 17:04:20 | 000,009,468 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_Population_Loader.int
[2012.09.18 12:35:42 | 000,001,068 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2012.09.18 12:35:42 | 000,000,530 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2012.09.18 12:35:42 | 000,009,798 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2012.09.18 12:35:42 | 000,000,946 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2012.09.18 12:35:42 | 000,000,502 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2012.09.18 12:35:42 | 000,009,486 | ---- | M] () -- \Program Files (x86)\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2013.08.24 11:22:07 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2013.03.03 17:28:29 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.03.03 17:28:29 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.03.03 17:28:29 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 11:29:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.35\deploy\assets\storeImages\layout\small_loader.gif
[2013.07.17 09:11:48 | 000,001,415 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.35\deploy\mod\cfct\assets\FeaturedContentLoaderAssets.swf
[2013.07.27 10:39:05 | 001,152,288 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 10:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 10:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 10:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 10:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.07.03 04:32:14 | 000,057,856 | ---- | M] () -- \Program Files (x86)\Razor\Loader.dll
[2013.08.24 11:23:55 | 000,006,636 | ---- | M] () -- \Program Files (x86)\StarCraft II\Logs\Downloader.log
[2013.08.24 10:58:13 | 002,643,520 | ---- | M] () -- \Program Files (x86)\StarCraft II\Support\BlizzardDownloader.exe
[2012.02.17 20:55:10 | 000,055,296 | ---- | M] () -- \Program Files (x86)\WinRar\Formats\ace32loader.exe
[2013.07.27 10:39:05 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{F3408345-4394-418A-8662-95902C66AAC4}\ExtensionLoader.dll
[2012.08.19 10:52:07 | 001,238,562 | ---- | M] () -- \Users\oem\Documents\Witcher 2\Downloads\Downloader.exe
[2012.08.23 20:18:06 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.11.21 04:31:21 | 000,224,256 | R--- | M] () -- \Windows\ConfigSetRoot\sources\upgloader.dll
[2010.11.21 04:31:21 | 000,024,064 | R--- | M] () -- \Windows\ConfigSetRoot\sources\cs-cz\upgloader.dll.mui
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.08.15 12:59:46 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.08.15 12:59:46 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.08.15 12:59:46 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.08.15 12:59:46 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.08.15 12:59:46 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.10.22 12:10:36 | 000,028,672 | ---- | M] () -- \Program Files (x86)\MANAWYDAN\MWClient.XmlSerializers.dll
[2009.06.23 21:32:32 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\3.0.40624.0\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.11.06 10:56:03 | 000,723,648 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\fujiwaracze\counter-strike source\bin\dmserializers.dll
[2012.11.04 18:06:22 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\fujiwaracze\team fortress 2\bin\dmserializers.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.05.24 18:00:33 | 000,000,023 | ---- | M] () -- \ProgramData\Solidshield\85GMDMAEY4JY1OB50JWM1AXDV60GRFFQ\serial.txt
[2013.05.24 18:00:33 | 000,000,023 | ---- | M] () -- \Users\All Users\Solidshield\85GMDMAEY4JY1OB50JWM1AXDV60GRFFQ\serial.txt
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.14 12:39:52 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 15:25:44 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.14 12:37:24 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 14:01:12 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.08.14 15:28:12 | 002,647,552 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\420022aad3481c670eb86a4ca72d5b43\System.Runtime.Serialization.ni.dll
[2013.08.14 15:27:59 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 11:56:17 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.07.11 12:03:29 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\33a3fd30ab81dfbe01deba0c009442ed\System.Runtime.Serialization.ni.dll
[2013.07.11 12:04:42 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\635c921be59ef9831e084cf199f0fb92\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 14:07:17 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.08.14 14:08:36 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 13:53:44 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2012.08.15 13:50:03 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.14 10:01:23 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.08.15 13:50:03 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.08.14 10:01:22 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.14 10:01:26 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 11:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 11:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.08.15 12:59:46 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.08.15 12:59:46 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010.11.21 11:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 30.8.2013 19:32:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\oem\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,99 Gb Available Physical Memory | 74,84% Memory free
8,00 Gb Paging File | 6,97 Gb Available in Paging File | 87,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 96,15 Gb Free Space | 16,13% Space Free | Partition Type: NTFS
Drive D: | 7,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: BARBONE | User Name: oem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- [2013.08.21 10:58:10 | 000,000,000 | ---D | M]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1 -- [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1 -- [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1 -- [2013.08.21 10:58:10 | 000,000,000 | ---D | M]
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09137198-024B-41B2-95F6-E72D1062A725}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0BEB2F3C-0DEC-443B-8197-B75C122AB2A6}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{14A4C303-B484-429F-9F77-9B96AF767948}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{2E035C90-1DB4-49CB-BEF0-20B151CE4172}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3C831A53-71F4-4B1C-B273-AAB69D950199}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{466CB7F6-5A26-4119-B289-489D5CB08E88}" = lport=2869 | protocol=6 | dir=in | app=system |
"{680D2EB9-5D95-4FFE-A80B-0BC9BD345FB7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6958C276-17DF-45C9-9D37-CE27B7A33480}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{8F10F296-2EFE-49FA-8AFB-356711A5C7A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{98C2F1E3-8901-4C5F-868E-995DDFEFDF01}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{ACCF00F5-F803-44AD-AF35-9D961A5C25B2}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{C2B1E027-1CBD-4A0D-A51E-10AF1FB3960B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C59CC520-1DD5-4D25-8276-3DA45741506B}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{D6C93B79-9A9F-4BF2-88B0-0A8D8C1EA9D5}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{ECED32BC-181E-4053-A765-A4C35E50F3A8}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{FA435647-CA60-45E8-A78A-8B020AF18A55}" = lport=80 | protocol=6 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1915F9FD-3A2D-45D8-BA56-D7F7EFB79DC3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{335E7AEE-046C-4A0D-9AE0-E37419B347DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4B3F9687-64A6-40C9-8497-F769B887E17E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{4EE0A3F8-1668-4FAD-86A5-F68B27A12B7A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{51521B14-398B-49C1-B6DA-CF2EDF4C3952}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5276F714-0E0F-4217-A2FC-139E1373C4BD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{5D88B4E8-04C9-4196-8EB0-93C0A6355BF8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{74FBB077-B831-4474-9BC5-919FF7968833}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{84905B65-B4F5-4466-A101-C9556B3E64B8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{865BC4ED-E5FF-438C-A091-39D54E217D7F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8EC58ED2-5AD5-40C1-B263-0A9918C21087}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{945337E5-7FE8-43D8-B1EC-6B8CE49A4C30}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{986B3702-9B6E-43B1-A744-7450ADF994A5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{9C1A2852-628B-42F6-9699-9868B2FE376A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A405C519-E15F-4D53-B2F4-D01A6CFDB575}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AE177C56-4D19-4F50-9D7F-265A17B41285}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B45B73B7-F8E1-4DE1-8FA2-E5869AD703DB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C6FB74F5-F2D1-46D2-A765-D8875054FB9E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{E5A788A2-8201-46C5-8F23-2CE30F2BB146}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{E9E32C78-C331-471E-9453-C6D8883FCDF3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{08EEFFE9-B470-4AD2-A91E-BF28EA9A0F6C}C:\kelevar\client_5.0.9.1.exe" = protocol=6 | dir=in | app=c:\kelevar\client_5.0.9.1.exe |
"TCP Query User{39F66021-61CC-45B0-8ED1-D7CA342FC391}C:\program files (x86)\steam\steamapps\fujiwaracze\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\fujiwaracze\team fortress 2\hl2.exe |
"TCP Query User{3EE1CC83-EAA8-4A33-8C6A-55A6729B37D3}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{481F6FFE-D8B3-4035-A9F2-ED685B2F2ECB}C:\kelevar\client_6.0.4.0.exe" = protocol=6 | dir=in | app=c:\kelevar\client_6.0.4.0.exe |
"TCP Query User{62F1CF12-80D2-4016-AE89-9FF1C410A466}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{7D04A173-BFA6-40D1-8B00-17A97DB4A10B}C:\kelevar\client_6.0.12.3.exe" = protocol=6 | dir=in | app=c:\kelevar\client_6.0.12.3.exe |
"TCP Query User{872323D0-623C-493E-95B6-C56FD17037F8}C:\users\oem\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\oem\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{A17B6F92-4943-41BC-B175-67F44EA58B99}C:\kelevar\client_5.0.5c.exe" = protocol=6 | dir=in | app=c:\kelevar\client_5.0.5c.exe |
"TCP Query User{A850E3A4-E2A1-4F70-9319-4AD096F3761A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{A904B1EF-97F1-4FEB-9EF2-292026E12A65}C:\kelevar\kelevarclient.exe" = protocol=6 | dir=in | app=c:\kelevar\kelevarclient.exe |
"TCP Query User{AD7350F3-28B7-4FE4-B23E-E81FF7EBB904}C:\kelevar\uoam\uoam.exe" = protocol=6 | dir=in | app=c:\kelevar\uoam\uoam.exe |
"TCP Query User{B3036B09-01FB-4F81-8038-5CDABD638AEE}D:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe |
"TCP Query User{EF694DB0-42D7-41CD-813D-FD248810E37B}C:\kelevar\cl6016.exe" = protocol=6 | dir=in | app=c:\kelevar\cl6016.exe |
"TCP Query User{F28F4932-3E03-4541-9AA7-8CE01479FD43}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{FD37AFC5-B4BF-46FD-82EA-483210EFF2D5}C:\program files (x86)\steam\steamapps\fujiwaracze\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\fujiwaracze\counter-strike source\hl2.exe |
"UDP Query User{31610FF1-D28B-44D7-8547-2A0ED9CFF906}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{3E95E3DF-15C4-4E06-8B53-9BB5B5289623}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{4C69D885-7C8B-45DD-B602-600B20AF2ED2}C:\kelevar\kelevarclient.exe" = protocol=17 | dir=in | app=c:\kelevar\kelevarclient.exe |
"UDP Query User{500269BF-BE8B-4A4D-8A27-B2FA37CA6B3A}C:\kelevar\client_5.0.9.1.exe" = protocol=17 | dir=in | app=c:\kelevar\client_5.0.9.1.exe |
"UDP Query User{564A64FE-4743-4D59-A8E4-524C449AC332}C:\program files (x86)\steam\steamapps\fujiwaracze\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\fujiwaracze\team fortress 2\hl2.exe |
"UDP Query User{602C562F-702B-4DAB-8AC3-1457D0B61901}C:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{6307CC09-E3BB-4DBF-90D9-6EF42F854A52}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{9309B0AD-C50E-4139-B932-F96A38960D14}C:\users\oem\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\oem\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{A8C6A29A-7168-4D80-993E-0B86CF427305}C:\kelevar\client_6.0.4.0.exe" = protocol=17 | dir=in | app=c:\kelevar\client_6.0.4.0.exe |
"UDP Query User{B32E87AE-93D0-4D9F-B1AE-8FE357C8E3F0}C:\kelevar\cl6016.exe" = protocol=17 | dir=in | app=c:\kelevar\cl6016.exe |
"UDP Query User{B6C9D71A-E429-4FBA-8BD5-384ECA563579}C:\program files (x86)\steam\steamapps\fujiwaracze\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\fujiwaracze\counter-strike source\hl2.exe |
"UDP Query User{B7A1A997-F868-45CA-953F-6EB58682F78A}C:\kelevar\client_6.0.12.3.exe" = protocol=17 | dir=in | app=c:\kelevar\client_6.0.12.3.exe |
"UDP Query User{BD11DF7F-2508-48DF-8020-8BDF329CBAC8}C:\kelevar\uoam\uoam.exe" = protocol=17 | dir=in | app=c:\kelevar\uoam\uoam.exe |
"UDP Query User{CC5F8F35-F431-42D4-B048-652FB1C924FC}D:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\td-w8960n\fscommand\easysetupassistant.exe |
"UDP Query User{E4886733-C233-4437-93B6-F1D80E46ABCA}C:\kelevar\client_5.0.5c.exe" = protocol=17 | dir=in | app=c:\kelevar\client_5.0.5c.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A6A6319B-4AD7-4699-BB7E-2E0515E5B04E}" = Windows Live Zabezpečení rodiny
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0A053D60-9267-11D5-8A2B-0050DA8B7D89}" = Planescape - Torment
"{0F25F02B-854E-49B3-8F68-6D27CE4D477E}" = Ultima Online 2D Client
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Borderlands.2.v1.3.1-v1.3.2.Updates-=AviaRa=- 1.00" = Borderlands.2.v1.3.1-v1.3.2.Updates-=AviaRa=- 1.00
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LOLReplay" = LOLReplay
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MP140 series" = Registrace uživatele zařízení Canon MP140 series
"StarCraft II" = StarCraft II
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameRanger" = GameRanger

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.8.2013 15:28:57 | Computer Name = Barbone | Source = WinMgmt | ID = 10
Description =

Error - 30.8.2013 2:17:12 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 2:17:35 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 2:17:35 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 2:17:35 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 2:18:14 | Computer Name = Barbone | Source = WinMgmt | ID = 10
Description =

Error - 30.8.2013 9:10:33 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 9:10:58 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 9:10:58 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 9:10:58 | Computer Name = Barbone | Source = NvStreamSvc | ID = 131073
Description =

Error - 30.8.2013 9:11:54 | Computer Name = Barbone | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 20.8.2013 9:07:04 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (14:45:02, ?20.?8.?2013) bylo neočekávané.

Error - 20.8.2013 11:35:42 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:33:56, ?20.?8.?2013) bylo neočekávané.

Error - 21.8.2013 3:28:25 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:26:54, ?21.?8.?2013) bylo neočekávané.

Error - 21.8.2013 3:35:49 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:34:18, ?21.?8.?2013) bylo neočekávané.

Error - 21.8.2013 4:02:04 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:00:42, ?21.?8.?2013) bylo neočekávané.

Error - 21.8.2013 4:03:11 | Computer Name = Barbone | Source = DCOM | ID = 10010
Description =

Error - 21.8.2013 4:06:40 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:04:57, ?21.?8.?2013) bylo neočekávané.

Error - 24.8.2013 4:38:37 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:36:47, ?24.?8.?2013) bylo neočekávané.

Error - 25.8.2013 4:51:27 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:49:57, ?25.?8.?2013) bylo neočekávané.

Error - 30.8.2013 9:10:13 | Computer Name = Barbone | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:08:51, ?30.?8.?2013) bylo neočekávané.


< End of report >

Vidim, ze mate na plose spoustu jpg a taky nejake mp3. Jen pripominam, ze velikost plochy by nemela presahovat 200-300MB. Zpomaluje to chod pc.



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

To jsem nevěděl, plocha uklizena, díky.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: oem
->Temp folder emptied: 2142 bytes
->Temporary Internet Files folder emptied: 128 bytes
->FireFox cache emptied: 89181704 bytes
->Flash cache emptied: 740 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50769 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 85,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: oem
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Ignore folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AA71A99-E0E9-4AC0-9E32-7B23A9026E21}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AA71A99-E0E9-4AC0-9E32-7B23A9026E21}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9EBFD759-F8D9-4507-B72B-6D7801B645BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9EBFD759-F8D9-4507-B72B-6D7801B645BB}\ not found.
HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1194232425-3671658707-1816436952-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1194232425-3671658707-1816436952-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6385.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C14.tmp\Microsoft.PowerShell.Security.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C14.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBC4E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCD6C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08312013_083641

Files\Folders moved on Reboot...
C:\Users\oem\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

Zdravím, trošku to trvalo. Zatím ještě dokončuju defragmentaci. Bohužel to trvá strašně dlouho, takže to musím pozastavovat a znovu spouštět.

Podařilo se mi vysledovat, že k zamrznutí pc dochází asi jen když je spuštěný prohlížeč mozilla firefox. Nevím to úplně 100%, ale řekl bych že skoro určitě byla spuštěná při zamrznutí.

Zpomaluje pc i velké množství dat ve složce stažené soubory? Nebo se to týká jen plochy?

Jinak ten pruh asi dělá monitor, který už bude pomalu dosluhovat.

Firefox preinstalujte. Tim se procisti.

Dulezita je velikost teto slozky C:\Users\oem\Desktop

Bud grafika, nebo primo monitor.

Az tedy dobehne defragmentace, preinstalujete firefox a probehne restart, dejte vedet, jak to vypada.

Zdravím. Defragmentace proběhla v pořádku. Udělal jsem tedy i reinstall(nepomohlo) a pak kompletní odinstalaci firefoxu i s profilem(nepomohlo). Bohužel problém zamrzání trvá - a co jsem to teď pozoroval, tak vždycky zamrzne když je puštěná mozilla.

Hm tak dnes 13.9. zatím bez problémů, tak uvidím jak to bude pokračovat.