VIRY.CZ

Dejte novy log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Štepán at 2014-05-08 14:04:57
Microsoft Windows 7 Home Premium
System drive C: has 58 GB (49%) free of 119 GB
Total RAM: 6069 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:04:59, on 8.5.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe
D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.87\deploy\LolClient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Štepán.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.71.0.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (file missing)
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11879 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
taskeng.exe {6E7F334D-5A2D-4346-ACBD-C1C84523BFE6}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe" -sSONY_MEDIAMGR
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KHALMNPR.EXE /API
WLIDSvcM.exe 3872
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
ATKOSD.exe
WDC.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5212.0.1231841985\653303529" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,28 --gpu-vendor-id=0x1002 --gpu-device-id=0x68a0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.104.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5212.2.685217281\316361638" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5212.4.707146020\405754396" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5212.6.1449188274\1183407621" /prefetch:673131151
"D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
LoLLauncher.exe
"D:/LoL/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.87/deploy/LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group3 pct:10c stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR3/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --enable-software-compositing --channel="5212.22.1487817936\1175615087" /prefetch:673131151
"C:\Users\Štepán\Downloads\RogueKiller.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Štepán\AppData\Roaming\Mozilla\Firefox\Profiles\x7z7mvfb.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdrmv2.dll
npdsplay.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npwmsdrm.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-04 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-04 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-05 2085160]
"RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2009-10-27 6998656]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2009-08-20 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"VolPanel"=C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe [2008-12-30 237693]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-04 3873704]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 76816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-07 13:32:58 ----D---- C:\ProgramData\Oracle
2014-05-07 13:32:25 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-05-07 13:32:19 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-05-07 13:32:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-05-07 13:32:18 ----A---- C:\Windows\SYSWOW64\java.exe
2014-05-06 21:51:46 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-06 21:51:24 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-06 21:51:24 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-05-06 21:51:24 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-06 21:35:02 ----D---- C:\AdwCleaner
2014-05-06 20:33:14 ----D---- C:\rsit
2014-05-04 10:48:26 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-05-04 10:48:19 ----A---- C:\Windows\avastSS.scr
2014-04-28 22:22:31 ----D---- C:\Users\Štepán\AppData\Roaming\Unity
2014-04-25 17:00:05 ----D---- C:\Users\Štepán\AppData\Roaming\livestreamer

======List of files/folders modified in the last 1 month======

2014-05-08 14:04:58 ----D---- C:\Program Files\trend micro
2014-05-08 13:51:42 ----D---- C:\Windows\system32\Tasks
2014-05-08 13:51:25 ----D---- C:\Windows\system32\drivers
2014-05-08 13:30:46 ----D---- C:\Users\Štepán\AppData\Roaming\Skype
2014-05-08 10:36:12 ----D---- C:\Windows\Temp
2014-05-08 10:27:44 ----D---- C:\Windows\system32\config
2014-05-08 10:12:14 ----SHD---- C:\Config.Msi
2014-05-08 00:34:28 ----SHD---- C:\System Volume Information
2014-05-07 23:49:10 ----SHD---- C:\Windows\Installer
2014-05-07 13:42:45 ----RD---- C:\Program Files (x86)
2014-05-07 13:32:58 ----HD---- C:\ProgramData
2014-05-07 13:32:45 ----D---- C:\Program Files (x86)\Common Files
2014-05-07 13:32:25 ----D---- C:\Windows\SysWOW64
2014-05-07 13:32:17 ----D---- C:\Program Files (x86)\Java
2014-05-07 13:18:44 ----D---- C:\Windows\Internet Logs
2014-05-07 12:51:56 ----D---- C:\Windows\System32
2014-05-07 12:51:56 ----D---- C:\Windows\inf
2014-05-07 12:51:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-07 12:47:27 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-05-06 21:51:24 ----D---- C:\ProgramData\Malwarebytes
2014-05-06 21:40:19 ----D---- C:\Windows\Tasks
2014-05-04 10:48:23 ----AD---- C:\Windows
2014-05-04 10:48:22 ----A---- C:\Windows\system32\aswBoot.exe
2014-05-01 19:42:53 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-04-29 13:41:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-04-12 18:23:06 ----D---- C:\ProgramData\Electronic Arts
2014-04-10 22:50:36 ----D---- C:\ProgramData\Microsoft Help
2014-04-10 22:49:54 ----D---- C:\Windows\system32\MRT
2014-04-10 22:48:00 ----A---- C:\Windows\system32\MRT.exe
2014-04-10 22:46:32 ----D---- C:\Users\Štepán\AppData\Roaming\uTorrent
2014-04-10 11:18:10 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-04 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-04 208416]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-21 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-04 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-04 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-04 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-20 254528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-04 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-04 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-04 85328]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-11-10 2033952]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 40976]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-05 316464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-12-11 21712]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 25816]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-05-20 202016]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-11-10 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-04 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-03 864032]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-02 76888]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-28 135664]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-04-28 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-04-28 79360]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-28 135664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-20 569024]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1255736]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Jeste jeden sken a budem mazat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL 1.část:

OTL logfile created on: 8.5.2014 14:17:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Štepán\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,93 Gb Total Physical Memory | 3,32 Gb Available Physical Memory | 55,95% Memory free
11,85 Gb Paging File | 8,68 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 56,97 Gb Free Space | 48,92% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 60,69 Gb Free Space | 18,40% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Štepán | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.08 14:16:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Štepán\Downloads\OTL.exe
PRC - [2014.05.08 10:29:53 | 005,424,120 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
PRC - [2014.05.04 10:48:11 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.05.04 10:48:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.07.14 19:43:23 | 000,074,752 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.87\deploy\LolClient.exe
PRC - [2013.02.12 21:47:53 | 001,294,336 | ---- | M] () -- D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012.08.02 22:41:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.10.27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.09.23 10:11:54 | 001,160,320 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
PRC - [2009.08.20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.07.31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.30 01:32:54 | 000,237,693 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.08 10:29:57 | 001,531,384 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\RiotLauncher.dll
MOD - [2014.05.08 10:29:53 | 005,424,120 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
MOD - [2014.04.24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014.04.24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014.04.24 02:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014.04.24 02:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014.04.24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014.04.24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013.12.10 11:44:24 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.07.14 19:43:23 | 000,074,752 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.87\deploy\LolClient.exe
MOD - [2013.02.12 21:47:53 | 001,294,336 | ---- | M] () -- D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009.09.17 13:41:42 | 000,267,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
MOD - [2009.09.15 16:45:58 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009.09.15 10:47:10 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
MOD - [2009.09.11 16:40:20 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
MOD - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
MOD - [2009.07.08 11:24:16 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2009.07.03 13:40:34 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
MOD - [2009.07.03 13:21:16 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
MOD - [2009.07.03 13:13:56 | 000,297,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
MOD - [2009.07.03 13:13:16 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
MOD - [2009.07.03 13:12:32 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
MOD - [2009.07.03 13:12:24 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
MOD - [2009.07.03 13:12:14 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
MOD - [2009.07.01 16:46:24 | 000,461,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2009.03.26 23:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009.02.07 03:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014.05.04 10:48:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.08.06 23:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.08.03 01:54:14 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2014.04.29 13:41:29 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.04.03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.02.20 01:07:34 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.08.02 22:41:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.28 04:39:43 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.04.28 04:39:37 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.04 10:48:22 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.05.04 10:48:22 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.05.04 10:48:22 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.05.04 10:48:22 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.05.04 10:48:22 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.05.04 10:48:22 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.05.04 10:48:22 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.05.04 10:48:21 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.04.03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.05.20 13:58:46 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.02.11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.05.21 20:14:07 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.21 16:47:50 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.03.05 12:19:46 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.02 17:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.18 12:30:55 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.21 01:43:52 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)
DRV:64bit: - [2009.09.21 01:43:52 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2009.09.21 01:43:52 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.08.06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.01 06:46:57 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.07.01 06:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.01 06:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.01 06:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.17 18:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009.06.17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:16:29 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.05.20 12:04:55 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.04.07 09:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.08.03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2010.12.11 11:26:04 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\SearchScopes\{CBAE06C1-C571-4AE4-A22B-6111C186070D}: "URL" = http://websearch.ask.com/redirect?clien ... F447179922
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.05.04 10:48:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:10:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.28 14:53:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.05.21 18:08:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Štepán\AppData\Roaming\Mozilla\Extensions
[2014.05.07 13:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Štepán\AppData\Roaming\Mozilla\Firefox\Profiles\x7z7mvfb.default\extensions
[2013.04.11 22:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.07.23 11:42:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.07.22 22:19:54 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdrmv2.dll
[2012.07.22 22:19:42 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files (x86)\mozilla firefox\plugins\npdsplay.dll
[2012.07.22 22:19:52 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npwmsdrm.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdrmv2.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\
CHR - Extension: Peněženka Google = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.05.08 13:52:32 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-779688466-701959231-4131610901-1000..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.co ... 1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.98.231.66 10.98.0.213
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70803ABD-9989-4E9D-87AB-8E9A3AFD0599}: DhcpNameServer = 10.98.231.66 10.98.0.213
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{964CB2EE-DEA7-498D-AFFD-E58E4FD2ABDC}: DhcpNameServer = 10.98.231.66 10.98.0.213
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.08 13:02:32 | 000,000,000 | ---D | C] -- C:\Users\Štepán\Desktop\RK_Quarantine
[2014.05.07 13:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.05.07 13:32:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.05.07 13:32:25 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.05.07 13:32:19 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.05.07 13:32:18 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.05.07 13:32:18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.05.07 13:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.05.06 21:51:46 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.06 21:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.05.06 21:51:24 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.06 21:51:24 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.05.06 21:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.05.06 21:35:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.06 20:33:14 | 000,000,000 | ---D | C] -- C:\rsit
[2014.05.04 10:48:19 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.28 22:22:31 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Roaming\Unity
[2014.04.28 22:20:49 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Local\Unity
[2014.04.25 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Roaming\livestreamer
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.05.08 14:20:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.08 13:47:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.08 13:47:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.08 13:41:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.08 12:55:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.08 10:36:07 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.08 10:20:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.08 10:20:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.08 10:12:15 | 477,532,159 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.07 12:51:56 | 001,629,818 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.07 12:51:56 | 000,684,486 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.05.07 12:51:56 | 000,670,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.07 12:51:56 | 000,148,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.05.07 12:51:56 | 000,128,976 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.07 12:47:27 | 000,001,631 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014.05.06 21:51:28 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.06 21:33:42 | 001,316,991 | ---- | M] () -- C:\Users\Štepán\Desktop\adwcleaner.exe
[2014.05.04 10:48:45 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.05.04 10:48:22 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.05.04 10:48:22 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.05.04 10:48:22 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.05.04 10:48:22 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.05.04 10:48:22 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.05.04 10:48:22 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.05.04 10:48:22 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.05.04 10:48:22 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.05.04 10:48:21 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.05.04 10:48:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.05.01 19:42:53 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.04.29 13:41:29 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.04.29 13:41:29 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.24 14:14:45 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.04.14 20:13:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.04.14 20:05:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.04.14 20:05:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.04.14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.05.06 21:51:28 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.06 21:33:39 | 001,316,991 | ---- | C] () -- C:\Users\Štepán\Desktop\adwcleaner.exe
[2014.05.04 10:48:26 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.03.09 19:50:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2014.03.09 19:50:12 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2014.01.19 20:30:29 | 000,159,807 | ---- | C] () -- C:\Windows\Scan to PDF Uninstaller.exe
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.29 03:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.29 03:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.02.03 16:52:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.08.08 01:19:55 | 000,007,609 | ---- | C] () -- C:\Users\Štepán\AppData\Local\resmon.resmoncfg
[2011.03.26 17:45:46 | 000,046,742 | ---- | C] () -- C:\Users\Štepán\AppData\Roaming\room.dat
[2011.03.19 13:31:46 | 000,000,117 | ---- | C] () -- C:\Users\Štepán\jagex_runescape_preferences2.dat
[2011.03.19 13:30:59 | 000,000,034 | ---- | C] () -- C:\Users\Štepán\jagex_runescape_preferences.dat
[2010.12.19 16:26:15 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.28 04:21:40 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.02.18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.02.18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.02.25 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\3909 LLC
[2010.05.21 16:52:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Asus WebStorage
[2013.12.11 12:05:19 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVAST Software
[2014.02.02 23:04:04 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVG
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Battle.net
[2014.01.19 20:30:50 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Canon
[2010.05.21 20:41:00 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\DAEMON Tools Lite
[2011.09.20 15:48:16 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\FileZilla
[2012.12.16 14:28:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\go
[2010.12.15 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\ICQ
[2010.05.25 20:46:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leadertech
[2011.08.25 15:59:52 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leawo
[2014.04.25 17:02:34 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\livestreamer
[2011.04.08 21:22:41 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\LolClient
[2013.08.01 21:32:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\MKKE
[2011.07.26 00:48:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Mumble
[2011.02.21 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Nokia
[2011.09.20 16:07:56 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Notepad++
[2013.07.31 19:56:17 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OBS
[2014.03.06 15:38:47 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OnLive App
[2012.02.06 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OpenOffice.org
[2014.01.28 15:29:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera
[2014.01.28 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera Software
[2014.02.15 18:05:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Origin
[2011.02.21 15:59:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PC Suite
[2011.07.12 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\poclbm
[2011.01.17 21:57:09 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Publish Providers
[2011.05.20 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PunkBuster
[2012.05.07 19:48:59 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Rovio
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SimulationCraft
[2011.01.17 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony
[2011.01.17 22:18:15 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony Creative Software Inc
[2012.07.11 00:30:30 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SplitMediaLabs
[2013.07.24 12:24:24 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TeamViewer
[2010.12.02 16:15:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Tropico 3
[2013.12.24 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TS3Client
[2010.05.27 21:47:38 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Ubisoft
[2014.04.28 22:22:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Unity
[2014.04.10 22:46:32 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\uTorrent
[2014.02.02 23:15:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\YouTube Downloader

========== Purity Check ==========

OTL 1.část:

OTL logfile created on: 8.5.2014 14:17:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Štepán\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,93 Gb Total Physical Memory | 3,32 Gb Available Physical Memory | 55,95% Memory free
11,85 Gb Paging File | 8,68 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 56,97 Gb Free Space | 48,92% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 60,69 Gb Free Space | 18,40% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Štepán | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.05.08 14:16:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Štepán\Downloads\OTL.exe
PRC - [2014.05.08 10:29:53 | 005,424,120 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
PRC - [2014.05.04 10:48:11 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.05.04 10:48:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.04.24 02:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.07.14 19:43:23 | 000,074,752 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.87\deploy\LolClient.exe
PRC - [2013.02.12 21:47:53 | 001,294,336 | ---- | M] () -- D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012.08.02 22:41:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.10 04:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.10.27 05:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 19:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.09.23 10:11:54 | 001,160,320 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
PRC - [2009.08.20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.07.31 19:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.30 01:32:54 | 000,237,693 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.08 10:29:57 | 001,531,384 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\RiotLauncher.dll
MOD - [2014.05.08 10:29:53 | 005,424,120 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe
MOD - [2014.04.24 02:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014.04.24 02:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014.04.24 02:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014.04.24 02:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014.04.24 02:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014.04.24 02:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013.12.10 11:44:24 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.07.14 19:43:23 | 000,074,752 | ---- | M] () -- D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.87\deploy\LolClient.exe
MOD - [2013.02.12 21:47:53 | 001,294,336 | ---- | M] () -- D:\LoL\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2010.01.05 02:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.24 22:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009.09.17 13:41:42 | 000,267,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
MOD - [2009.09.15 16:45:58 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009.09.15 10:47:10 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
MOD - [2009.09.11 16:40:20 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
MOD - [2009.07.20 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
MOD - [2009.07.08 11:24:16 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2009.07.03 13:40:34 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
MOD - [2009.07.03 13:21:16 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
MOD - [2009.07.03 13:13:56 | 000,297,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
MOD - [2009.07.03 13:13:16 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
MOD - [2009.07.03 13:12:32 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
MOD - [2009.07.03 13:12:24 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
MOD - [2009.07.03 13:12:14 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
MOD - [2009.07.01 16:46:24 | 000,461,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2009.03.26 23:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009.02.07 03:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014.05.04 10:48:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.08 01:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.08.06 23:17:46 | 000,118,672 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.08.03 01:54:14 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.20 13:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2014.04.29 13:41:29 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.04.03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.04.03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.02.20 01:07:34 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.08.02 22:41:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.28 04:39:43 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.04.28 04:39:37 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.10 04:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 04:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.10.01 04:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.04 10:48:22 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.05.04 10:48:22 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.05.04 10:48:22 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.05.04 10:48:22 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.05.04 10:48:22 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.05.04 10:48:22 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.05.04 10:48:22 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.05.04 10:48:21 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.04.03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.05.20 13:58:46 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.02.11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.05.21 20:14:07 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.21 16:47:50 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.03.05 12:19:46 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.02 17:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.18 12:30:55 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.21 01:43:52 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)
DRV:64bit: - [2009.09.21 01:43:52 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2009.09.21 01:43:52 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.08.06 23:17:34 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.01 06:46:57 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.07.01 06:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.07.01 06:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.07.01 06:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.06.17 18:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009.06.17 18:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 18:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:16:29 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.05.20 12:04:55 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.05.13 18:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.04.07 09:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.08.03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2010.12.11 11:26:04 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\SearchScopes\{CBAE06C1-C571-4AE4-A22B-6111C186070D}: "URL" = http://websearch.ask.com/redirect?clien ... F447179922
IE - HKU\S-1-5-21-779688466-701959231-4131610901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.05.04 10:48:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:10:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.01.28 14:53:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.05.21 18:08:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Štepán\AppData\Roaming\Mozilla\Extensions
[2014.05.07 13:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Štepán\AppData\Roaming\Mozilla\Firefox\Profiles\x7z7mvfb.default\extensions
[2013.04.11 22:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.07.23 11:42:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012.07.22 22:19:54 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdrmv2.dll
[2012.07.22 22:19:42 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files (x86)\mozilla firefox\plugins\npdsplay.dll
[2012.07.22 22:19:52 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npwmsdrm.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdrmv2.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.29_0\
CHR - Extension: Peněženka Google = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.05.08 13:52:32 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKU\S-1-5-21-779688466-701959231-4131610901-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-779688466-701959231-4131610901-1000..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.co ... 1.71.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.98.231.66 10.98.0.213
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70803ABD-9989-4E9D-87AB-8E9A3AFD0599}: DhcpNameServer = 10.98.231.66 10.98.0.213
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{964CB2EE-DEA7-498D-AFFD-E58E4FD2ABDC}: DhcpNameServer = 10.98.231.66 10.98.0.213
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.05.08 13:02:32 | 000,000,000 | ---D | C] -- C:\Users\Štepán\Desktop\RK_Quarantine
[2014.05.07 13:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.05.07 13:32:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.05.07 13:32:25 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.05.07 13:32:19 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.05.07 13:32:18 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.05.07 13:32:18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.05.07 13:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.05.06 21:51:46 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.06 21:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.05.06 21:51:24 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.05.06 21:51:24 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.05.06 21:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.05.06 21:35:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.06 20:33:14 | 000,000,000 | ---D | C] -- C:\rsit
[2014.05.04 10:48:19 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.04.28 22:22:31 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Roaming\Unity
[2014.04.28 22:20:49 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Local\Unity
[2014.04.25 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\Štepán\AppData\Roaming\livestreamer
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.05.08 14:20:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.05.08 13:47:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.05.08 13:47:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.05.08 13:41:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.08 12:55:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.08 10:36:07 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.05.08 10:20:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.08 10:20:35 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.08 10:12:15 | 477,532,159 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.07 12:51:56 | 001,629,818 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.05.07 12:51:56 | 000,684,486 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.05.07 12:51:56 | 000,670,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.05.07 12:51:56 | 000,148,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.05.07 12:51:56 | 000,128,976 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.05.07 12:47:27 | 000,001,631 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014.05.06 21:51:28 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.06 21:33:42 | 001,316,991 | ---- | M] () -- C:\Users\Štepán\Desktop\adwcleaner.exe
[2014.05.04 10:48:45 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014.05.04 10:48:22 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014.05.04 10:48:22 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014.05.04 10:48:22 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.05.04 10:48:22 | 000,208,416 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014.05.04 10:48:22 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014.05.04 10:48:22 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014.05.04 10:48:22 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014.05.04 10:48:22 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.05.04 10:48:21 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014.05.04 10:48:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.05.01 19:42:53 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.04.29 13:41:29 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.04.29 13:41:29 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.04.24 14:14:45 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.04.14 20:13:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.04.14 20:05:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.04.14 20:05:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.04.14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.05.06 21:51:28 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.06 21:33:39 | 001,316,991 | ---- | C] () -- C:\Users\Štepán\Desktop\adwcleaner.exe
[2014.05.04 10:48:26 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014.03.09 19:50:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2014.03.09 19:50:12 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2014.01.19 20:30:29 | 000,159,807 | ---- | C] () -- C:\Windows\Scan to PDF Uninstaller.exe
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.29 03:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.29 03:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.02.03 16:52:37 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.08.08 01:19:55 | 000,007,609 | ---- | C] () -- C:\Users\Štepán\AppData\Local\resmon.resmoncfg
[2011.03.26 17:45:46 | 000,046,742 | ---- | C] () -- C:\Users\Štepán\AppData\Roaming\room.dat
[2011.03.19 13:31:46 | 000,000,117 | ---- | C] () -- C:\Users\Štepán\jagex_runescape_preferences2.dat
[2011.03.19 13:30:59 | 000,000,034 | ---- | C] () -- C:\Users\Štepán\jagex_runescape_preferences.dat
[2010.12.19 16:26:15 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.28 04:21:40 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.02.18 10:07:44 | 014,163,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.02.18 09:34:01 | 012,867,072 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.02.25 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\3909 LLC
[2010.05.21 16:52:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Asus WebStorage
[2013.12.11 12:05:19 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVAST Software
[2014.02.02 23:04:04 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVG
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Battle.net
[2014.01.19 20:30:50 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Canon
[2010.05.21 20:41:00 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\DAEMON Tools Lite
[2011.09.20 15:48:16 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\FileZilla
[2012.12.16 14:28:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\go
[2010.12.15 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\ICQ
[2010.05.25 20:46:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leadertech
[2011.08.25 15:59:52 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leawo
[2014.04.25 17:02:34 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\livestreamer
[2011.04.08 21:22:41 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\LolClient
[2013.08.01 21:32:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\MKKE
[2011.07.26 00:48:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Mumble
[2011.02.21 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Nokia
[2011.09.20 16:07:56 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Notepad++
[2013.07.31 19:56:17 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OBS
[2014.03.06 15:38:47 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OnLive App
[2012.02.06 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OpenOffice.org
[2014.01.28 15:29:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera
[2014.01.28 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera Software
[2014.02.15 18:05:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Origin
[2011.02.21 15:59:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PC Suite
[2011.07.12 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\poclbm
[2011.01.17 21:57:09 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Publish Providers
[2011.05.20 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PunkBuster
[2012.05.07 19:48:59 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Rovio
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SimulationCraft
[2011.01.17 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony
[2011.01.17 22:18:15 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony Creative Software Inc
[2012.07.11 00:30:30 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SplitMediaLabs
[2013.07.24 12:24:24 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TeamViewer
[2010.12.02 16:15:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Tropico 3
[2013.12.24 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TS3Client
[2010.05.27 21:47:38 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Ubisoft
[2014.04.28 22:22:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Unity
[2014.04.10 22:46:32 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\uTorrent
[2014.02.02 23:15:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\YouTube Downloader

========== Purity Check ==========

OTL 2 část:
========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,546 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.09 16:07:32 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.31 08:56:06 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.31 08:56:06 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010.04.28 04:37:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2010.04.28 04:37:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.04.28 04:22:47 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010.04.28 04:37:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2010.04.28 04:37:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.04.28 04:22:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.04.28 04:37:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.04.28 04:22:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.04.28 04:37:38 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.04.28 04:22:47 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4fa22a1c88c09097\iaStor.sys
[2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) MD5=BBB3B6DF1ABB0FE35802EDE85CC1C011 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_9071cf01e963be0e\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.04.03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\SoftwareDistribution\Download\cff4ff6c95584178356fe63cccb9ddaf\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SoftwareDistribution\Download\cff4ff6c95584178356fe63cccb9ddaf\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.04.03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010.04.28 04:37:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.04.28 04:37:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010.04.28 04:37:38 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[7 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.02.25 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\3909 LLC
[2013.01.02 02:56:13 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Adobe
[2010.05.21 16:52:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Asus WebStorage
[2010.05.21 16:49:05 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\ATI
[2013.12.11 12:05:19 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVAST Software
[2014.02.02 23:04:04 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\AVG
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Battle.net
[2014.01.19 20:30:50 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Canon
[2011.04.03 11:00:45 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Creative
[2010.05.21 20:40:41 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\CyberLink
[2010.05.21 20:41:00 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\DAEMON Tools Lite
[2011.04.07 22:41:45 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Download Manager
[2011.09.20 15:48:16 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\FileZilla
[2012.12.16 14:28:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\go
[2010.06.06 20:29:25 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Hamachi
[2010.12.15 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\ICQ
[2010.05.21 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Identities
[2011.03.26 18:05:07 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\InstallShield
[2010.05.25 20:46:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leadertech
[2011.08.25 15:59:52 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Leawo
[2014.04.25 17:02:34 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\livestreamer
[2011.03.03 16:47:19 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Logitech
[2011.04.08 21:22:41 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\LolClient
[2010.05.21 17:03:36 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Macromedia
[2011.12.04 18:03:56 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Media Center Programs
[2014.01.07 18:08:47 | 000,000,000 | --SD | M] -- C:\Users\Štepán\AppData\Roaming\Microsoft
[2013.08.01 21:32:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\MKKE
[2010.05.21 18:08:57 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Mozilla
[2011.07.26 00:48:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Mumble
[2011.02.21 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Nokia
[2011.09.20 16:07:56 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Notepad++
[2013.07.31 19:56:17 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OBS
[2014.03.06 15:38:47 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OnLive App
[2012.02.06 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\OpenOffice.org
[2014.01.28 15:29:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera
[2014.01.28 15:24:54 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Opera Software
[2014.02.15 18:05:11 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Origin
[2011.02.21 15:59:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PC Suite
[2011.07.12 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\poclbm
[2011.01.17 21:57:09 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Publish Providers
[2011.05.20 17:19:07 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\PunkBuster
[2012.05.07 19:48:59 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Rovio
[2013.10.30 13:50:10 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SimulationCraft
[2014.05.08 14:42:20 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Skype
[2011.05.29 09:12:15 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\skypePM
[2011.01.17 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony
[2011.01.17 22:18:15 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Sony Creative Software Inc
[2012.07.11 00:30:30 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\SplitMediaLabs
[2013.07.24 12:24:24 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TeamViewer
[2010.12.02 16:15:28 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Tropico 3
[2013.12.24 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\TS3Client
[2010.05.27 21:47:38 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Ubisoft
[2014.04.28 22:22:31 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Unity
[2014.04.10 22:46:32 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\uTorrent
[2011.01.22 18:37:46 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\Ventrilo
[2011.11.07 14:19:53 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\vlc
[2010.05.21 17:49:43 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\WinRAR
[2014.02.02 23:15:49 | 000,000,000 | ---D | M] -- C:\Users\Štepán\AppData\Roaming\YouTube Downloader

< %APPDATA%\*.exe /s >
[2012.12.16 16:58:28 | 000,010,134 | R--- | M] () -- C:\Users\Štepán\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.05.07 13:32:18 | 000,004,764 | ---- | M] () -- C:\Windows\system32\jupdate-1.7.0_55-b14.log

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AdobeBridge" =
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.05.08 14:20:27 | 000,000,512 | ---- | M] () MD5=B684DA6AF038B3CC8ED5F3EAB3C73DC1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.03.08 10:59:14 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Garena\plugins\UI\AvoidCrackPlugin.dll
[2014.03.05 16:34:45 | 000,022,852 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\3DMGAME-South.Park.The.Stick.of.Truth.Incl.Ultimate.Fellowship.Pack.Cracked-3DM.torrent
[2012.05.07 19:46:34 | 000,011,267 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Angry.Birds.Space.v1.0.0.cracked.READ.NFO-THETA.torrent
[2013.12.31 16:24:01 | 000,012,476 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Minecraft-1.6.2---Cracked-Gajdy.exe.1.torrent
[2013.12.27 16:59:29 | 000,012,475 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Minecraft-1.6.2---Cracked-Gajdy.exe.torrent

< *keygen* /s >
[2011.01.17 14:45:48 | 000,018,724 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Sony Vegas Pro 8.0 + Keygen + Čeština.rar.torrent
[2011.01.17 14:29:25 | 000,015,883 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Sony vegas pro 9.0e (32 and 64 bit) Keygen + download_by_ranger.sk.1.torrent
[2011.01.17 14:55:21 | 000,015,883 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Sony vegas pro 9.0e (32 and 64 bit) Keygen + download_by_ranger.sk.2.torrent
[2011.01.17 14:09:59 | 000,015,882 | ---- | M] () -- \Users\Štepán\AppData\Roaming\uTorrent\Sony vegas pro 9.0e (32 and 64 bit) Keygen + download_by_ranger.sk.torrent

< *AntiWPA* /s >

< *loader* /s >
[2014.01.21 22:29:52 | 000,529,256 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-4.9\Plus-HD-4.9-codedownloader.exe.vir
[2014.01.21 22:29:46 | 000,145,675 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa\1.26.59_0\extensionData\plugins\91_monetizationLoader.js.js.vir
[2014.04.23 15:45:43 | 000,152,661 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Štepán\AppData\Roaming\Mozilla\Firefox\Profiles\x7z7mvfb.default\Extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com\extensionData\plugins\91_monetizationLoader.js.js.vir
[2014.01.21 22:29:59 | 000,004,312 | ---- | M] () -- \AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-4.9-codedownloader.vir
[2014.05.06 21:29:00 | 000,001,282 | ---- | M] () -- \AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-4.9-codedownloader.job.vir
[2012.03.13 13:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2009.12.30 05:02:42 | 000,079,120 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.08.16 18:56:14 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2013.06.06 19:28:22 | 000,048,315 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2013.06.06 19:28:22 | 000,015,895 | ---- | M] () -- \Program Files (x86)\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2010.12.14 18:42:44 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.12.14 18:42:44 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.12.14 18:42:44 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.12.14 18:42:44 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2010.12.14 18:44:43 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2010.12.14 18:44:44 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2010.12.14 18:44:44 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009.05.31 04:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.01.17 17:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.02.06 16:25:50 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 18:00:08 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.02.06 16:26:01 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 13:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2013.10.23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2010.02.10 18:10:14 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2014.05.04 10:48:11 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.05.04 10:48:11 | 000,085,888 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.12.12 10:43:42 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2011.07.19 14:53:42 | 000,018,938 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2014.02.04 22:58:50 | 000,003,072 | ---- | M] () -- \Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloader.zex.cz_0.localstorage
[2014.02.04 22:58:50 | 000,003,608 | ---- | M] () -- \Users\Štepán\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloader.zex.cz_0.localstorage-journal
[2013.04.02 19:23:47 | 000,000,374 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QEHLB28\queryLoader[1].css
[2014.03.04 21:58:14 | 000,112,122 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y2UNCER\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.04.04 22:40:25 | 000,005,708 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y2UNCER\queryLoader[1].js
[2014.01.21 22:27:39 | 000,070,361 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y2UNCER\universaldownloader-prefetch[1].txt
[2014.01.21 22:32:14 | 000,070,361 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y2UNCER\universaldownloader-prefetch[2].txt
[2014.05.08 10:29:14 | 000,001,870 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5RM9FF5H\AdLoader[1].htm
[2014.03.10 12:54:12 | 000,005,708 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5RM9FF5H\queryLoader[1].js
[2014.02.18 19:18:36 | 000,111,819 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.05.07 14:11:00 | 000,001,870 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\AdLoader[2].htm
[2014.03.04 22:14:06 | 000,001,870 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\AdLoader[3].htm
[2014.04.04 22:40:24 | 000,000,374 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\queryLoader[1].css
[2014.05.08 10:49:28 | 000,005,505 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\queryLoader[1].js
[2014.05.08 10:49:27 | 000,000,353 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\queryLoader[2].css
[2014.01.21 22:28:21 | 000,070,361 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DTDB1FMO\universaldownloader-prefetch[1].txt
[2014.03.28 16:12:12 | 000,001,870 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNE8IDJ\AdLoader[1].htm
[2014.03.10 12:54:10 | 000,000,374 | ---- | M] () -- \Users\Štepán\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCNE8IDJ\queryLoader[1].css
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\Štepán\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\Štepán\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\Štepán\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\Štepán\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Štepán\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.02.02 23:02:50 | 014,490,432 | ---- | M] () -- \Users\Štepán\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.4.exe
[129 \Users\Štepán\AppData\Local\Temp\*.tmp files -> \Users\Štepán\AppData\Local\Temp\*.tmp -> ]
[2011.08.03 14:18:59 | 000,000,117 | ---- | M] () -- \Users\Štepán\Desktop\WTF\Account\104016428#1\SavedVariables\AtlasLoot_Loader.lua
[2011.04.27 15:06:17 | 000,000,078 | ---- | M] () -- \Users\Štepán\Desktop\WTF\Account\104016428#1\SavedVariables\AtlasLoot_Loader.lua.bak
[2014.02.02 23:09:09 | 000,000,145 | ---- | M] () -- \Users\Štepán\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2013.02.20 20:16:26 | 000,680,224 | ---- | M] () -- \Users\Štepán\Downloads\Chip_Downloader_Access_2010.exe
[2014.01.21 22:34:10 | 000,675,312 | ---- | M] () -- \Users\Štepán\Downloads\pdf-security-removal_7.3.3 - CHIP Downloader.exe
[2014.01.28 14:53:02 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.05.06 21:29:00 | 000,015,856 | ---- | M] () -- \Windows\Prefetch\PLUS-HD-4.9-CODEDOWNLOADER.EX-DC656076.pf
[2014.05.06 21:34:00 | 000,037,330 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.08.03 22:00:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.08.03 22:00:16 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.08.03 22:00:16 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.08.03 22:00:16 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.08.03 22:00:16 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 04:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 04:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009.07.14 04:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009.07.14 04:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009.07.14 04:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.08.03 21:57:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 01:08:57 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2013.05.07 20:03:35 | 000,005,687 | ---- | M] () -- \Program Files (x86)\PokerStars\gx\tokenserial.jpg
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.02.14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 01:09:22 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.02.22 23:46:40 | 000,003,120 | ---- | M] () -- \Users\Štepán\AppData\Local\Apps\2.0\L4WVTNMJ.KWL\4V1ZZWE6.4JH\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2012.02.22 23:46:33 | 000,013,312 | ---- | M] () -- \Users\Štepán\AppData\Local\Apps\2.0\L4WVTNMJ.KWL\4V1ZZWE6.4JH\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\Curse.CurseClient.Common.XmlSerializers.dll
[2012.02.22 23:46:40 | 000,001,079 | ---- | M] () -- \Users\Štepán\AppData\Local\Apps\2.0\L4WVTNMJ.KWL\4V1ZZWE6.4JH\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\Curse.CurseClient.Common.XmlSerializers.manifest
[2011.02.11 16:38:20 | 000,013,312 | ---- | M] () -- \Users\Štepán\AppData\Local\Apps\2.0\L4WVTNMJ.KWL\4V1ZZWE6.4JH\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2010.12.27 14:38:16 | 000,315,392 | ---- | M] () -- \Vegas\CoreUI.XmlSerializers.dll
[2010.12.27 14:38:14 | 000,454,656 | ---- | M] () -- \Vegas\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2009.08.03 21:59:47 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.08.21 01:02:19 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2011.08.21 01:01:18 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.08.21 01:14:06 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\12aaff696a0c54773664b4c5407deaa2\System.Runtime.Serialization.ni.dll
[2011.08.21 01:13:22 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\d0c6d3aadce1e38bbcb06905e132a503\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 15:44:34 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 15:44:50 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.01.11 15:47:11 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.01.11 15:50:07 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.01.11 15:51:12 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 15:54:16 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2011.06.15 15:43:46 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.13 23:48:04 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.15 15:43:45 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.13 23:48:03 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.13 23:48:07 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.03 21:59:49 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.03 21:59:45 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 03:48:20 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:48:20 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.08.03 21:59:35 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.08.03 21:59:35 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.08.03 21:59:45 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.08.03 21:59:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2009.08.03 21:59:50 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2009.07.14 04:57:21 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2009.07.14 04:57:21 | 000,017,984 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc_kdcom.dll_db5e7744
[2009.08.03 22:00:16 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.08.03 22:00:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009.08.03 21:58:49 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.03 21:59:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009.08.03 21:59:49 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.08.03 21:59:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.08.03 22:00:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Extras 1.část:

OTL Extras logfile created on: 8.5.2014 14:17:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Štepán\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,93 Gb Total Physical Memory | 3,32 Gb Available Physical Memory | 55,95% Memory free
11,85 Gb Paging File | 8,68 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 56,97 Gb Free Space | 48,92% Space Free | Partition Type: NTFS
Drive D: | 329,79 Gb Total Space | 60,69 Gb Free Space | 18,40% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Štepán | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-779688466-701959231-4131610901-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041D363E-ABE3-4E06-8F05-F66BB55420CC}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher |
"{09561952-44DB-4654-94B5-AE7558C55E91}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{1ABE6DE5-16D9-447C-A978-33DA5C9A49AB}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher |
"{2DCADA48-2C42-413B-8BE5-6BC1D08C084D}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher |
"{36BE3473-FE38-49E5-9573-1A31E9314769}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3A883468-EF16-4590-985C-4E8025911D21}" = lport=2869 | protocol=6 | dir=in | app=system |
"{583A50D2-7F4A-40FF-829A-27F41FDD12E0}" = lport=6956 | protocol=17 | dir=in | name=league of legends launcher |
"{5CF2B901-7010-4302-B2EA-856FED2D29FC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{60005909-F83F-441B-A40B-7CD3A90CAE8D}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher |
"{6E458C24-5DCD-4FEE-A1F9-00D2DE02CB29}" = lport=7000 | protocol=6 | dir=in | name=port tcp nástroje migrace profilu uživatele |
"{779F28A8-BC0C-47BE-9806-6C2AAD156EBB}" = lport=6889 | protocol=17 | dir=in | name=league of legends launcher |
"{7AF84000-E71C-418F-B256-75F1F7E2C601}" = lport=6956 | protocol=6 | dir=in | name=league of legends launcher |
"{88EF197E-304E-485A-9D9A-F76E183D055E}" = lport=6985 | protocol=6 | dir=in | name=league of legends launcher |
"{9D420361-5809-4617-BB66-3ED3028D762E}" = lport=6889 | protocol=6 | dir=in | name=league of legends launcher |
"{A42F8CF9-1E98-4772-97B3-A40FAA65FBC8}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{B0129992-5227-479A-9BEA-9CB38AB03678}" = lport=6904 | protocol=6 | dir=in | name=league of legends launcher |
"{BB26CC8D-0710-4068-8D89-2DFF469F95CE}" = lport=7000 | protocol=17 | dir=in | name=port udp nástroje migrace profilu uživatele |
"{BEEB2736-B2AD-408F-9771-DF6969238E00}" = lport=6904 | protocol=17 | dir=in | name=league of legends launcher |
"{C30F6932-D52A-4A8E-882E-4A3009B8D46C}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{FE3525CB-A647-4F6E-BD37-85B929C23BA2}" = lport=6985 | protocol=17 | dir=in | name=league of legends launcher |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A1A1C2-0720-4D32-A007-74210AB6E396}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
"{02792CA7-AF58-47B5-AEF6-1C414E07911A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{02B77B40-9784-4AC4-BB3E-832F680278D7}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{03287608-B258-48C4-A962-C03EAE798308}" = protocol=6 | dir=in | app=d:\tropico 3\tropico3.exe |
"{03B17359-AD09-4175-B3A2-D65213E58053}" = protocol=6 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{055A0471-8F5F-493A-9D54-7FF36A1FDF64}" = protocol=17 | dir=in | app=d:\world of warcraft public test\backgrounddownloader.exe |
"{080E0E32-2A67-4820-A76E-153309E51C89}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{08762316-646D-483D-A880-A37D62007F1D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{0B75C8C7-00AA-499C-A697-C0E8D91F3320}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe |
"{0BBC12F1-8263-4E84-94C0-493CFE976A58}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"{0E37A430-6059-4207-92CC-0874739FF6C5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{0FA68A25-5C86-4698-97AA-090DB7E07280}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0FE70AB3-F4F7-43DD-A4D2-394663338917}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2163\agent.exe |
"{11A12459-2E85-4D21-841A-25EF90848395}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2417\agent.exe |
"{140B70C1-AAA4-4024-B996-2D03A7ED41BB}" = protocol=6 | dir=in | app=d:\call of duuty 2\cod2mp_s.exe |
"{149D5814-D7CA-48B4-9BCE-E3265E8F2FB8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{1519ABBC-D9A8-4152-86FC-6465823D5599}" = protocol=17 | dir=in | app=d:\leauge of legends\game\league of legends.exe |
"{15704AF0-C5EC-4A87-8CB9-C9A042A13F83}" = protocol=17 | dir=in | app=d:\call of duuty 2\cod2mp_s.exe |
"{168301C3-08AE-4200-BED9-0A696D79C1DF}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{170571EB-C606-4549-8FB4-CB1C772BDD08}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{175A3DFA-21FA-4D99-A4F0-6B2308A9B2B8}" = protocol=6 | dir=in | app=d:\leauge of legends\air\lolclient.exe |
"{19EF2E74-6F84-4A1A-B52F-310B3168D750}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{1A610CED-1CB8-44E5-9B3D-3376D69C0781}" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe |
"{1BFAFAFF-C7DF-4410-956C-7040270ED34A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2110\agent.exe |
"{1D5E00FC-45BE-4778-AAF4-4DD0131E7606}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{1E117413-2813-42BF-A892-0D7C10EB7862}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{1E7D498A-3822-46B4-B05A-90EA8732B2D7}" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"{1F1A508D-7488-47E6-B1D3-42C45854012A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{228D9931-CA85-4CCC-ABD1-9FC83A17EF91}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{26B7A2CE-D2FB-45DF-B2D8-C188A88D346F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{26D677FD-191C-4206-9C62-53C1760B83FB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
"{28724FE2-271E-44A3-A9BE-6005C9477464}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2B90A3FE-954E-4470-8170-48C9DA07E90A}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"{2BCFCF37-676E-402E-8626-8B8DC8A049E3}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{2C49D765-2074-4034-B505-B54728DF8BA0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2110\agent.exe |
"{2D0FC98D-7A84-4F89-8614-CBDC474144C2}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe |
"{2D6BFA49-E6B7-431C-A7DF-9F7882E8BBD7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{2DECFBDE-5116-492E-8721-AC40486E68F1}" = protocol=17 | dir=in | app=d:\lol\air\lolclient.exe |
"{2E966630-1676-40CD-B3DF-F0AA88F6D41F}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe |
"{2EE6EF14-0F3A-421E-B02A-49D5E71AFD7A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{3024ADC0-BF88-4443-A88A-6FF67586A88D}" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe |
"{31FCBEAC-5E9B-4203-ADE9-A3FBD1F449B2}" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackopsmp.exe |
"{3253C6B8-761E-416F-8C04-1B96CFA8794D}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{3282F303-E567-49C7-9224-E810260B5504}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{342600D6-6D68-46B2-AF71-AC59FB1ECD53}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{34782A47-8060-496F-981B-F1EAC67C8848}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe |
"{34FF4C64-C6F9-4EBA-988B-DCDA518B520C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{361D8A8D-0477-48D3-8A67-A49BE68B3F2F}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{364CB1F2-6AAB-4326-BBA9-756163E9B00C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2359\agent.exe |
"{36C3D41C-6046-4466-A9DB-15BB3BAC7584}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe |
"{36FF1ED2-8F29-4A9E-9CB0-71E7E8BF2247}" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe |
"{37CCBBCC-0C3C-4717-9B5D-6952EAF33E26}" = protocol=6 | dir=in | app=d:\starcraft_2_eu_en-gb.exe |
"{38F16114-C40B-4B38-BAA2-49BCFAF7A6EA}" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{3B9AB1B7-5532-456E-B0F1-2C61A5793051}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{3BFF9454-6363-42EF-BF7B-04993678DA48}" = protocol=6 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe |
"{3CA0D393-B84C-4DD5-9C6D-DFE68F0726A8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{3D3CDACC-7527-431A-9B35-E7703CB0C1F4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{3E83BA97-2D17-4D90-9DA6-13C3C7D1B25D}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe |
"{3EBC5286-8B6E-426C-8997-D30EF3116816}" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackopsmp.exe |
"{3EFC9FFE-1800-4036-B4A1-776A16081AC5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{3FC73B44-01CE-4CB0-B151-BED1F191FC4F}" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe |
"{4115C999-D9DF-49AA-A46B-A7A9EFD5DDDB}" = protocol=6 | dir=in | app=d:\lol\air\lolclient.exe |
"{415DEDC7-F376-4774-AEF4-E65219DD479A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe |
"{43FA39A2-ED64-4B9C-88F7-FA97B0186DB4}" = protocol=17 | dir=in | app=d:\blur\blur.exe |
"{46504805-1155-41B7-86F3-808099672366}" = protocol=6 | dir=in | app=d:\call of duty 4\iw3mp.exe |
"{4874FB24-0F76-4F02-BE86-3BA4CE05A1C6}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe |
"{48DE166B-0E01-46A7-8CEE-E9AE4A5C6491}" = protocol=6 | dir=in | app=d:\leauge of legends\lol.launcher.exe |
"{4B0F2DB1-8D17-4F61-8A38-E0BED2EB6311}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{4C840F1D-AFBD-4320-A05A-D4E5A902F9AD}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{4DE25499-D8B5-43FF-A06C-C2E775EA85AF}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{4E094771-4C8B-41CB-A944-907438EAE635}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{4F2A67F3-9B66-48D2-A45D-1E9C0EEF1063}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{504E79E4-7B61-4FF0-AD24-2CB409CC622B}" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcherb.exe |
"{50A39F1C-9DEC-4F79-9E95-EBC88BE32A76}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{535748D9-1489-4B0C-982D-95C8799B8542}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe |
"{552DB2A9-A0C5-4731-91B5-F2F85A1FAC3C}" = protocol=6 | dir=in | app=d:\counter-strike source\hl2.exe |
"{55A1762E-49C1-4CB0-88E8-66D28B9EB163}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{58939B08-969D-4E2E-9A39-82A633A2B8D1}" = protocol=17 | dir=in | app=d:\portal 2\portal2.exe |
"{5AD65524-6293-43C4-BA07-FE26103BFE06}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{5B29CF81-1DCF-4B9C-A07C-037FEDFA40C6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{5C00B3EB-27D8-439B-A281-A439A577BD2E}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"{5E60D624-16F4-41C0-A081-49247E07D701}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{5FE85303-E0DD-4411-A782-131DD9C08D18}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\launcher.exe |
"{63633898-B242-436E-95CC-6ABD0445852B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6653B86E-BB65-41A9-B1AC-5F06ADA1DBC1}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe |
"{67C66944-DDD2-40BD-B4BD-067E7821FE0B}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{67FD0E0B-EDD7-4042-BD98-3A8551BFF032}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{6B71A715-29A8-4881-8555-EE66D3B0CE8D}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"{6DE4A8AF-5891-400C-B56C-C48D1F12E6FB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{6F582AD9-0AA9-457C-9E1D-BBE3AB1D098E}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{70729E5A-A586-42FA-A85E-E92830F616CE}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{7123842F-C7B0-4F18-8692-6CB0666D69D6}" = protocol=17 | dir=in | app=d:\leauge of legends\lol.launcher.exe |
"{71B0989E-015A-437B-A694-E2B3F8906BE1}" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe |
"{72555D3B-624F-4018-B7D5-FC9BF436342E}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe |
"{766A0C74-2A70-4E55-ACE6-428834AFAD17}" = protocol=17 | dir=in | app=d:\league of legends\game\league of legends.exe |
"{766A7B3A-4ACE-4158-A1D7-EB4DDA0A7F68}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{773A1E9D-9A76-417C-A5AB-75824D5AE900}" = protocol=17 | dir=in | app=d:\counter-strike source\hl2.exe |
"{78D883C2-F39B-4F6E-900A-78519BCEC050}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{79DDF47E-2FD1-4FFE-8792-1286D4884DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{79DE34A1-A876-44F0-A813-840C5B4FA543}" = protocol=17 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{7ABE3621-4C87-4713-AAE0-42B5DD5BB3AA}" = protocol=17 | dir=in | app=d:\starcraft_2_eu_en-gb.exe |
"{7BDFDF07-0DCD-4185-AF3F-1CBEDCC33501}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe |
"{7D3071B0-80A5-412E-B702-40B07FA1904C}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"{80A99DF1-F783-456B-BA02-064D10BCFDC2}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{81D443D8-2A1D-4A01-A297-C8E90880BCFF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{8275C628-1FF0-4FFB-9A1F-05E0AE31F4BE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{83449987-5E71-4DD2-A8D8-2913268284DF}" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"{83B6B267-70CA-4887-B89D-D38B4732DF44}" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcherb.exe |
"{85B89D7A-BC6C-43F0-B624-DB73990C01AC}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"{85D3BF51-FA03-4EAA-A8A0-0F7E7CFF0941}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{894D37DA-4AB2-4A1C-A5FF-DB385297E6E4}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{89CEAFBB-FE23-442D-9910-2DC4155D0913}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{8C99AA8B-5E70-46E8-9514-3AAE9E11B17A}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{8CEC67A6-6DD0-422C-98DC-1361E9ADC966}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{8D454BA3-51AF-465F-82B0-E5144D5CF1CC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8EB6F144-C668-4160-A734-688B1E6A2058}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{8EF520F1-EEB5-4137-9B9A-97B8B0F1785E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{90BB7D26-0975-4EF9-954E-0A01F3728F42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{91660D49-7A71-4927-806F-B39ECB4B16F6}" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe |
"{9437713A-D271-4BE5-9D77-CDDE3FB52805}" = protocol=6 | dir=in | app=d:\ptr-installer-en_gb.exe |
"{95C6CB5E-6FCB-4C48-B88E-45ECDC144AE7}" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcher.exe |
"{96327C2F-4C92-4764-AC4F-08EBC2B8EC2D}" = protocol=17 | dir=in | app=d:\call of duty 4\iw3mp.exe |
"{992E54B5-A738-433E-8C76-20AF8902B999}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{9A2E2FAB-575D-4C5A-B131-C8F6ED02EA03}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{9A7E178A-879F-4FD6-8FC2-4B8E94C057FB}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"{9CE471B1-69C0-49AB-BB01-10236FB61814}" = protocol=17 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"{9EF5C98B-7133-48E3-9BEC-3B7C990745C4}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9F20BC99-C5B3-489A-AFC8-E88B655A3E68}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{A088621B-4B1A-4F0A-84B0-2A93C88DE637}" = protocol=17 | dir=in | app=f:\deadspace2.exe |
"{A0A04894-2483-4C11-A7B4-FD07916C9D9B}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{A0D7941F-01A3-4FB6-B112-D044AC351C2C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
"{A5A517D9-D292-4FA2-AF5D-07600F373A28}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A60BED4C-B180-4258-BE9B-B9F367AF249D}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe |
"{A64DF84B-D6C6-4BE4-A833-92F1B577BA0F}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"{A679453D-2EAD-47D8-AFF6-87175413760C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{A833FB1E-CEC9-4A4B-9824-7AA3515C330E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{AB03D938-39AC-4870-8161-A931CD6971AC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{ACBBB418-B3ED-4F17-A173-C76EFFD1074F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AD2289BE-468E-4B7C-A9DC-C51049471568}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe |
"{AD28F023-D0CB-438F-81E0-8428C112DC6C}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{AD69219B-13E8-4F1C-A309-D68157584527}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{ADA8D3F6-18A2-4814-BFC2-68E59DD1351B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{B28CBFA0-9D54-433D-A8B1-5AD53B95E6CC}" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"{B30100B6-20FC-483C-A04A-EE4D7D23985F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{B315F0DA-ADB3-4338-AD99-6803B96554C3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
"{B354BDE1-584D-4106-BC82-7AC1CEB0C7BE}" = protocol=17 | dir=in | app=d:\leauge of legends\air\lolclient.exe |
"{B39638CB-7444-4070-B13F-264936C99765}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{B43344B3-F123-4A9D-83A3-C589C3C69133}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B4C3B5EC-13D9-4739-B1A2-7634B61717E6}" = protocol=6 | dir=in | app=c:\users\štepán\temp\teamviewer\version5\teamviewer.exe |
"{B4FB486F-D63C-4435-8A55-805615F1107A}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\launcher.exe |
"{B525CC3E-6484-4AF7-853A-5B9DCF0EB550}" = protocol=17 | dir=in | app=d:\fifa 11\game\fifa.exe |
"{B52E0614-29DE-42C5-978C-DC8588C65F4E}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"{B53798FE-6047-44F2-AE00-6676C22DEF3A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{B555FD5C-5E91-4684-923C-95C8CFFFE58C}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"{B79AC3A1-8B74-4DB3-A424-5DB923C7D4C8}" = protocol=6 | dir=in | app=d:\lol\game\league of legends.exe |
"{B99C6860-9115-4D15-BDF0-1B849AFC0A51}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{BD097E6C-18F9-4A96-AAD9-BC2E01663CE6}" = dir=in | app=c:\program files (x86)\winzip driver updater\winzipdu.exe |
"{BEC7B37A-7B91-4754-839A-449E3D25F4AF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2417\agent.exe |
"{C0FEB595-D6CC-4DB6-A015-7EAB3B31DD2E}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.2.0-engb-downloader.exe |
"{C1DD42F2-8F29-4FBB-B76F-DC60F1C41134}" = protocol=6 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"{C2DF2E38-A5BB-4B36-B0D0-453529E1DF09}" = protocol=6 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"{C48764C6-DF3D-44C8-9A2C-E86150ADDA00}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{C6DAB5D5-3F81-4330-9FF9-5BA5FDF30B2D}" = protocol=6 | dir=in | app=d:\portal 2\portal2.exe |
"{C728761B-CAF4-4285-A46B-543201FED99B}" = protocol=6 | dir=in | app=d:\leauge of legends\game\league of legends.exe |
"{C775F442-A9C8-4B01-9B26-D1AFE166BA21}" = protocol=17 | dir=in | app=c:\users\štepán\temp\teamviewer\version5\teamviewer.exe |
"{C7B7DAEC-8527-4BB0-9DCC-429AB9E8AD34}" = protocol=17 | dir=in | app=d:\battle.net\battle.net.exe |
"{C8F08766-A054-4E47-A969-82C51244705F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{CA9587B7-BA9E-460C-9876-226B83BE6C12}" = protocol=17 | dir=in | app=d:\tropico 3\tropico3.exe |
"{CAA1F025-B1FC-42CA-831D-4211F745C54D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{CB02F96D-9F2E-4BF1-81A4-71EEA2A014FE}" = protocol=6 | dir=in | app=d:\league of legends\air\lolclient.exe |
"{CB97D28D-CFE6-4C99-A62F-24149ADB255C}" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe |
"{CECA3E95-BD10-46EB-AA24-64DD55FE2754}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{D10B8E15-A462-444F-B7B5-8F3A9769DFB0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{D266FE4D-E609-4D7D-8B78-6DC331B91DCF}" = protocol=6 | dir=in | app=d:\battle.net\battle.net.exe |
"{D35ADADB-CC35-466D-9308-CBAD59327520}" = protocol=17 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"{D516ADE2-9481-44D4-B1B9-1FD4FA8F5B52}" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.2.0-engb-downloader.exe |
"{D5D94BDA-C181-419F-8BD1-5F65090D2196}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{DA6B004D-287A-40EB-A9FD-9336D3507CCC}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{DB657888-A7BB-49E4-A26E-38FFF42B4B48}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{DE2C8038-FC5B-41B3-9D44-334CB845ECAF}" = protocol=6 | dir=in | app=d:\fifa 11\game\fifa.exe |
"{DE4CD183-333C-4C3B-A48B-F63F009AA311}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{DF2C6B0F-3A2A-4EF4-89FB-484CDA7D8A03}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe |
"{E148FEC9-0592-4326-A404-4FAFB42404A3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{E1749AA9-B0B8-4D05-B5F2-FAD786A5AAA8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{E1BAE60C-F0A0-4233-9289-0C611F1A87E8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{E1CC0297-3ACF-4F3A-A868-4DC6149DFD3C}" = protocol=6 | dir=in | app=d:\blur\blur.exe |
"{E32C9DC8-71B5-4243-B377-5C69E229B1A9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{E35CA9F1-71A2-473B-A868-62EEE78E05BA}" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcher.patch.exe |
"{E5789A2F-3B67-4663-82DD-76A52DA1E951}" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"{E61B6762-29C7-4262-BA43-BC76E42383D9}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe |
"{E6B41AFF-57BD-44CD-A673-47AFCE763948}" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcher.patch.exe |
"{E900D6CE-5F14-4C8B-8D95-E740817649B1}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe |
"{E9D77DC4-1ACD-4DA3-938B-FC2C34FAD677}" = protocol=17 | dir=in | app=d:\ptr-installer-en_gb.exe |
"{EA10B2EB-C999-480B-915F-6CFE01D10217}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{EA89B630-D16D-46A6-B6F2-D4C558AD73C2}" = protocol=6 | dir=in | app=d:\world of warcraft public test\backgrounddownloader.exe |
"{EAB8E502-5665-4FEA-AC2D-FB9B845981B9}" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"{EAFF9C6A-594C-4438-9199-BD1B8F068D96}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{EB0FA77A-C96B-41E6-BF1F-EEB7FEDCEFEF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{EC695FF0-E8E8-4E28-AF7D-15C9B54A68EC}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe |
"{EC839094-1EFA-4E10-AD03-1885C34C9AAF}" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcher.exe |
"{EDF6F48A-ED86-49CE-B708-84C60160D914}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{EF2B6DE9-F063-4188-BA38-CCB8D354132E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F0DCE635-5AF9-447E-8FDF-CC4DCC843E34}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F2EE43A4-1B50-4509-A1BF-0B8C25BABA7B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2163\agent.exe |
"{F316C3DE-1009-47E1-92E6-01AF100EE952}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2359\agent.exe |
"{F4479CB4-F180-4ADE-AA8A-E5F7AA495005}" = protocol=17 | dir=in | app=d:\gta iv\rockstar games social club\rgsclauncher.exe |
"{F4565C0E-0188-4807-99CA-2491AABE8131}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{F473E91E-3CF3-479D-8550-987A5FC03A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{F4EB31A7-8DD2-4798-B9C2-EB34AC938810}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{F5DCC08B-4F95-4461-9E1D-B4130FAE37E9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{FADB8741-DBAB-4D3E-92DD-0D51F1B86828}" = protocol=17 | dir=in | app=d:\lol\game\league of legends.exe |
"{FAEC2C83-F413-481F-8814-DC6D5972242A}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"{FC015A71-692D-40B8-B17E-A5A7AAA3A595}" = protocol=6 | dir=in | app=f:\deadspace2.exe |
"{FCAB6C29-D15A-43D8-ADCD-556F7132B75A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{FDD0B810-82D5-4B72-B701-3F3B37EDF41F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"TCP Query User{023A1942-7003-4E40-8BAD-81F2FA00E2C4}D:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe |
"TCP Query User{07325DAB-689E-4B6B-B399-B74E4B24EF4F}D:\starcraft_2_eu_en-gb.exe" = protocol=6 | dir=in | app=d:\starcraft_2_eu_en-gb.exe |
"TCP Query User{0A601634-2FC0-455A-BD45-6AFC63E815F3}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe |
"TCP Query User{0B7066E5-9A1D-43CF-A365-7CD3A5DA4BA6}D:\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcher.exe |
"TCP Query User{0BF55C33-7193-4B0D-B4D7-8EE3DC329073}C:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe |
"TCP Query User{0C74A65B-544C-4696-9164-E316E9D49956}D:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"TCP Query User{0E305C4D-DE28-4778-9C41-5D4545A231A7}D:\world of warcraft public test\launcher.patch.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcher.patch.exe |
"TCP Query User{1407D6FD-2EF3-4DE4-8D5F-CAA440C8CAEF}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{14D53173-2273-4BE1-BE38-DD6C1E38F7B3}D:\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=d:\diablo-iii-setup-engb.exe |
"TCP Query User{1CAD8EE1-F50E-4285-963A-6A18D7FB24BD}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe |
"TCP Query User{1D0AFFA1-788A-49A2-9567-5BCA700CC86A}D:\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=d:\mortal kombat komplete edition\disccontentpc\mkke.exe |
"TCP Query User{1D4F3D39-F74A-42A0-9DEA-5D74155210DA}D:\world of warcraft\blizzard downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"TCP Query User{1F3A14C8-A81A-474C-8EB2-6632E4734827}D:\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\counter-strike source\hl2.exe |
"TCP Query User{1F83C057-31C4-4386-BE4F-C6375F708570}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{1F94C019-6BE8-457B-888D-5D9240B963F4}D:\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"TCP Query User{21152D14-A1DA-461C-933F-E5470D0B0735}D:\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"TCP Query User{253AAE0A-6A04-47CA-8320-603DD397ACCC}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{27DA3F59-C69C-4088-8677-55B4EA6D590F}D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{2BADC2F6-F8A9-457C-97A0-484AE04A17AE}D:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"TCP Query User{2CDB38EF-E6D7-4A40-85C8-67F513D5A55F}D:\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe |
"TCP Query User{2F441D37-7404-4A25-BA0F-9D0E00CE194C}D:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe |
"TCP Query User{3B2D50C2-9B7E-4B39-8D23-1939DAC3D285}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{3CD8FD84-332F-4263-8A3C-A558754D89EF}D:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"TCP Query User{40B62FCC-C94E-42F0-B99A-EECFDE9F2805}D:\warhammer dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\warhammer dawn of war 2\dow2.exe |
"TCP Query User{419BDFD1-3F8D-4B0B-A8C6-02CD4BAE07D7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{41FBFB3F-AC13-450E-AAFF-C3B325BA8125}D:\leauge of legends\lol.launcher.exe" = protocol=6 | dir=in | app=d:\leauge of legends\lol.launcher.exe |
"TCP Query User{45F9ADDD-7ACA-48FF-BD99-0492B53B9F87}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"TCP Query User{4A75612B-1934-4DAF-9BB0-355AD4EE5113}C:\program files (x86)\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena\garena.exe |
"TCP Query User{4AADC273-8453-4B13-8049-C519C20D41A3}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe |
"TCP Query User{4AD1ED9D-0542-4C1B-9A8F-9B54F8BC5D8D}D:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-engb-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-engb-downloader.exe |
"TCP Query User{4DCCEC1A-0596-4D59-8B21-23F0AE865F0B}D:\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\left 4 dead 2\left4dead2.exe |
"TCP Query User{4EDC0E72-6896-4804-A908-6810457AE9CE}D:\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackopsmp.exe |
"TCP Query User{4EE135EC-8862-41C8-A603-5CA5EE6F1C88}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe |
"TCP Query User{5AE3928E-5379-4944-9F8E-60EE6B322FC3}D:\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\tmnationsforever\tmforever.exe |
"TCP Query User{61A1F1D8-4DEA-41B3-A40B-387ACF7BB077}D:\world of warcraft public test\temp\wow-4.2.1.2747-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2747-enus-ptr-tools-downloader.exe |
"TCP Query User{6321E5D7-BA9A-4AD9-B1EF-A95EE1A34E69}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe |
"TCP Query User{650F2D5D-8DAC-4DC0-A6BC-F972642CE55C}D:\call of duuty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\call of duuty 2\cod2mp_s.exe |
"TCP Query User{68305A23-10B9-4601-A7B0-65DBDA5323B3}D:\portal 2\portal2.exe" = protocol=6 | dir=in | app=d:\portal 2\portal2.exe |
"TCP Query User{6D62BE97-547B-43D1-81E9-C1B4ADE16D7B}D:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"TCP Query User{6EBE1EB3-7200-44D0-9A5D-69A3FACCCD2C}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-engb-downloader.exe |
"TCP Query User{72484BD2-33D8-4506-B60C-8C6A660DC885}D:\lol\lol.launcher.exe" = protocol=6 | dir=in | app=d:\lol\lol.launcher.exe |
"TCP Query User{7364A046-DEF8-4954-ACCB-6C643BDB7981}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{738B8933-861A-4851-BD0F-59D33061CEF9}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{73E1BA64-C9B4-4297-82F6-E5D1B69A069E}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe |
"TCP Query User{741C1482-E7FA-4560-AFE0-6FB392FCEEEE}D:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"TCP Query User{74FB4D47-F4E8-4B03-A197-374C39F635E2}C:\simcity\apache\httpd.exe" = protocol=6 | dir=in | app=c:\simcity\apache\httpd.exe |
"TCP Query User{7B922413-FE56-4A4B-ADE8-29AC223BC524}D:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"TCP Query User{7F3A284A-A030-4059-803D-2B5C8D3B2153}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"TCP Query User{8305D98B-4717-4AD8-B2F1-A3E0466BE3A3}D:\simcity 5 - update v1.6\start.exe" = protocol=6 | dir=in | app=d:\simcity 5 - update v1.6\start.exe |
"TCP Query User{875BB789-26CB-4566-A12B-E4F5853F1E49}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{8FDD8F8E-5C42-4B6D-8594-BE0833FB9066}D:\ptr-installer-en_gb.exe" = protocol=6 | dir=in | app=d:\ptr-installer-en_gb.exe |
"TCP Query User{97A856FD-A9BB-4018-9DC8-0DB8BC345DA2}D:\outlast\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=d:\outlast\binaries\win64\olgame.exe |
"TCP Query User{9F94CEAC-2899-4819-8A5A-773FA92BD905}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"TCP Query User{A1B485E2-9623-4F2F-8E57-F4113421E733}C:\users\štepán\temp\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\štepán\temp\teamviewer\version5\teamviewer.exe |
"TCP Query User{A5A17446-D352-4345-A7A1-606DDB1DFC40}D:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe |
"TCP Query User{A6B96202-7597-4DDA-AC17-8CC36E4BA0D6}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{AB03EBEB-0239-4A9E-9F59-E81314743EA5}D:\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"TCP Query User{AE32465F-B8A5-4EDE-B99C-5E3D10EED2DE}D:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe |
"TCP Query User{B1E62C6D-C3D0-4512-A85E-71EF7045BC5B}D:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{B4AA947B-E774-40A8-9E48-41A31485BD5A}F:\deadspace2.exe" = protocol=6 | dir=in | app=f:\deadspace2.exe |
"TCP Query User{B6629782-941B-416A-9DB0-7C27D4B0FD2E}D:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"TCP Query User{B8ADEDC0-F374-4A47-9543-A1BE47769E3F}D:\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"TCP Query User{BC06DA35-B589-4815-BBAB-E78BC269AF62}D:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"TCP Query User{BD5BC53E-1694-49C0-996E-FD8A222A6C9C}C:\users\štepán\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\štepán\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{C0BA36DF-A1F8-4D80-88B0-7C3DADF07C05}D:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"TCP Query User{C39818C3-0B79-44FC-9923-40CDC0702B6F}D:\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"TCP Query User{C506E85B-0894-41F5-8482-0F1EB8444A0B}C:\programdata\battle.net\agent\agent.1199\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"TCP Query User{C670DF36-0799-4D76-AA04-FFCE73E519B5}D:\outlast\binaries\win32\olgame.exe" = protocol=6 | dir=in | app=d:\outlast\binaries\win32\olgame.exe |
"TCP Query User{C85EF024-71C9-4102-BF75-85EEABCEDEF5}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{C998F3F0-F852-4B5A-9986-3B66C10E256F}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"TCP Query User{CA9C3AA6-51A3-4EC4-8B42-6A24E0E77684}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"TCP Query User{CAD9FEA9-1F35-4DDC-9A5F-D3184BE01073}D:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe |
"TCP Query User{CF8F90D2-5D96-4EDD-AE73-3E829F1D9998}D:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"TCP Query User{D751CECC-D7A5-46E2-A37B-4BD48F40A1CA}C:\simcity\start.exe" = protocol=6 | dir=in | app=c:\simcity\start.exe |
"TCP Query User{D79349E9-E9AE-488C-B11A-26DF11BDDD00}C:\simcity 5 - update v1.6\start.exe" = protocol=6 | dir=in | app=c:\simcity 5 - update v1.6\start.exe |
"TCP Query User{D7B69ABD-CE83-442E-80CF-6C0541ECA80C}D:\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=d:\stronghold crusader\stronghold crusader.exe |
"TCP Query User{D86BCE06-F4F0-4E75-8203-D1792F39E501}D:\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe |
"TCP Query User{DB22A021-1B18-46F5-8D9B-BB664920C2C3}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{DCDFAA7E-725A-4610-9442-005F819A35E8}D:\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa 11\game\fifa.exe |
"TCP Query User{DE2AC5DE-4AF3-4CC3-9EE1-124A0A4AAE9B}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe |
"TCP Query User{E34CBC9C-820E-4F1B-9216-9A71A3FBEED5}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{E39358E5-5D05-48D5-A2E3-8CF8216CCFFF}D:\world of warcraft public test\launcherb.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\launcherb.exe |
"TCP Query User{E43C8857-2611-4A26-872B-A74835838BDB}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"TCP Query User{E48B64A3-5CE7-40E7-B6CA-2925EA5BC05A}D:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"TCP Query User{E930718D-E97A-4090-921C-9B1616DC8F59}D:\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe |
"TCP Query User{EB7519C1-97D3-4BE5-8639-C977F3C916A3}C:\program files\sony\vegas pro 9.0\vegsrv90.exe" = protocol=6 | dir=in | app=c:\program files\sony\vegas pro 9.0\vegsrv90.exe |
"TCP Query User{F608502C-45EE-46CE-B9FD-CF51BFD14A90}D:\world of warcraft public test\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\backgrounddownloader.exe |
"TCP Query User{F9561257-2117-495D-BDF0-96188668D62B}D:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"TCP Query User{FA0EE614-BA80-43C7-9DBA-0144BD84CA3E}D:\world of warcraft public test\temp\wow-4.3-5.0.15464-enus-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft public test\temp\wow-4.3-5.0.15464-enus-downloader.exe |
"TCP Query User{FACB6500-D716-4CD9-AA82-1E958721C315}D:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{FCF1B550-2961-4838-BDCB-229738E9D317}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{03D98072-BEF3-4A11-B011-1A9E0B1B2888}D:\world of warcraft public test\launcher.patch.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcher.patch.exe |
"UDP Query User{08E8E2D8-D9CF-430F-A56B-1A117CBB3D10}C:\programdata\battle.net\agent\agent.954\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"UDP Query User{0A52F0B0-D1F1-4647-B153-0D5715CF60FB}C:\programdata\battle.net\agent\agent.1199\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"UDP Query User{0F0410AA-DFB7-4101-BE95-29712C949C43}D:\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"UDP Query User{124EAC0F-088E-4DDD-B2DC-86E2E615EBB7}D:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{1AA630A0-EB70-456D-B505-59B13AC2FD70}D:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{1C929DC2-481F-4A8D-A619-E24871712A3C}C:\users\štepán\temp\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\štepán\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{22F2EFB1-33B1-4B87-A01C-A338E13549DA}D:\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\call of duty 2\cod2mp_s.exe |
"UDP Query User{287C4BD3-994A-4180-B641-CAF32712F4FA}D:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe |
"UDP Query User{28ABA6E4-4196-4450-A59D-B7A2A9D56A0C}D:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{37A365D6-C989-4B67-9613-D1299405423A}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{38BDF911-4EDF-444C-83DD-5EEB541C8EC2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{3919CDB8-8E5B-44DE-98C1-B5852EAF3344}D:\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\left 4 dead 2\left4dead2.exe |
"UDP Query User{3DE37F0A-F4BA-4429-BD6D-E3FBF24539E0}D:\outlast\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=d:\outlast\binaries\win64\olgame.exe |
"UDP Query User{3EEA3754-06CA-42FF-9077-16732154BD02}D:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2706-enus-tools-downloader.exe |
"UDP Query User{3FEDDB68-9651-4833-870B-C3E7F50E2842}D:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"UDP Query User{41F8AE5F-F2AD-4A43-ADFD-1C3C61F8046A}C:\program files\sony\vegas pro 9.0\vegsrv90.exe" = protocol=17 | dir=in | app=c:\program files\sony\vegas pro 9.0\vegsrv90.exe |
"UDP Query User{4837139A-DF27-4BE4-AF06-1473E2251B18}D:\simcity 5 - update v1.6\start.exe" = protocol=17 | dir=in | app=d:\simcity 5 - update v1.6\start.exe |
"UDP Query User{486470E3-175E-4B49-AFDA-C60457FD6C0D}D:\world of warcraft public test\temp\wow-4.2.1.2747-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2747-enus-ptr-tools-downloader.exe |
"UDP Query User{4C89D43D-E3BC-412D-B31E-CFB08AF16D4B}C:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ibm\spss\statistics\21\jre\bin\javaw.exe |
"UDP Query User{4FF6F822-B4D1-4300-A1D5-1BD2A052FB33}D:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{50EA60AC-13C1-40DC-B535-D0B3663E1124}D:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-engb-downloader.exe |
"UDP Query User{54D7C5E4-8693-49BA-85D5-3D4033421159}D:\ptr-installer-en_gb.exe" = protocol=17 | dir=in | app=d:\ptr-installer-en_gb.exe |
"UDP Query User{55FC70FD-8198-4E63-BFB7-177E925DC22D}D:\starcraft_2_eu_en-gb.exe" = protocol=17 | dir=in | app=d:\starcraft_2_eu_en-gb.exe |
"UDP Query User{5AC37025-3FFD-4AD6-A072-61D48EBED3B5}D:\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackopsmp.exe |
"UDP Query User{60C80A3E-46AE-42D6-9E8D-BE7358905E30}D:\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2588-enus-ptr-tools-downloader.exe |
"UDP Query User{6409FE37-B974-44CF-AAD7-AA24EA73B8C3}D:\world of warcraft\blizzard downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\blizzard downloader.exe |
"UDP Query User{64AC705C-0C7C-4FB5-9611-D3D6EEB6188D}C:\program files (x86)\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena\garena.exe |
"UDP Query User{66BADF69-967F-4F19-AD98-CFC72BD0514C}C:\simcity 5 - update v1.6\start.exe" = protocol=17 | dir=in | app=c:\simcity 5 - update v1.6\start.exe |
"UDP Query User{684CA156-7347-46FE-B20C-A15832BB2AE8}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12164-to-4.0.0.12232-engb-downloader.exe |
"UDP Query User{6A588AA0-A809-4241-A3FE-A3172D95581B}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"UDP Query User{6ADCF7E7-19F5-4702-9E16-C2030966F8EC}D:\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=d:\diablo-iii-setup-engb.exe |
"UDP Query User{6B26CD63-316A-4574-83D4-C263F1C9F58A}D:\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"UDP Query User{6F1313EE-4BD7-43D0-8D3B-60ECA099F919}D:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-engb-downloader.exe |
"UDP Query User{720A24A0-BDA8-4A0A-9199-BDBF3571392D}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{72222AAB-DC1A-4B10-9AA5-2D0BF1A62201}D:\portal 2\portal2.exe" = protocol=17 | dir=in | app=d:\portal 2\portal2.exe |
"UDP Query User{7998DB3D-E4E3-4CE8-8812-27FD22DB1BE2}D:\warhammer dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\warhammer dawn of war 2\dow2.exe |
"UDP Query User{7C40F6AC-B8FA-4F23-BA3F-EFAA77DD4A8E}C:\simcity\apache\httpd.exe" = protocol=17 | dir=in | app=c:\simcity\apache\httpd.exe |
"UDP Query User{7EA7DEC2-155A-4643-9C59-AAB965915CD5}D:\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\tmnationsforever\tmforever.exe |
"UDP Query User{7F2DBFE0-9F96-4FA8-A194-34FE445F8423}D:\world of warcraft public test\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\backgrounddownloader.exe |
"UDP Query User{8939DF35-5E7A-4B3B-82D2-E826D7C9BB81}D:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2310-enus-ptr-tools-downloader.exe |
"UDP Query User{89BC0CD2-335A-45D3-B840-33DD23A1A127}D:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\counter-strike source\hl2.exe |
"UDP Query User{8A329DCA-CA08-42E5-800D-D4776E47DD30}D:\world of warcraft public test\temp\wow-4.3-5.0.15464-enus-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.3-5.0.15464-enus-downloader.exe |
"UDP Query User{8B7498D9-1A6A-4C2B-A38D-4D0E7FB8BDAE}D:\call of duuty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\call of duuty 2\cod2mp_s.exe |
"UDP Query User{8DB1493B-2C05-409C-B7AC-871C66853C97}C:\simcity\start.exe" = protocol=17 | dir=in | app=c:\simcity\start.exe |
"UDP Query User{945BFEB5-A517-48A8-ABEE-4800AD0B87F0}D:\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcher.exe |
"UDP Query User{98D2C229-B709-4D71-815C-AD608752E050}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{992805E9-409C-40DB-9A10-39B8C2009861}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{9ABB7FD2-101A-4965-92A2-B98FF7641DEB}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{9EA228D8-86D7-4A16-BDA1-116091FAABCC}C:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.11927-to-4.0.0.12025-engb-downloader.exe |
"UDP Query User{9EDCE4B2-A3F5-40B1-8B98-9C21E444E0D7}D:\leauge of legends\lol.launcher.exe" = protocol=17 | dir=in | app=d:\leauge of legends\lol.launcher.exe |
"UDP Query User{A230354E-07CA-443F-A11C-A1776994D717}D:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2730-enus-tools-downloader.exe |
"UDP Query User{A23876BA-6815-4854-BD05-FEE79093073C}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12025-to-4.0.0.12065-engb-downloader.exe |
"UDP Query User{A6180460-0D72-468D-A06E-7401956BBAC9}D:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe |
"UDP Query User{A72E88C7-5CFD-4757-B200-486EB79DC2AB}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"UDP Query User{AA3322D4-A6BC-435B-98D4-02064D0B3A80}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{AAA50CE7-6FDD-4286-AA75-80C5E12D4041}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{AD95E85F-3051-475F-A02C-0E71FF078556}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{AE79D8D4-0A91-40EF-90C7-1F166F8C95BA}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12266-to-4.0.0.12319-engb-downloader.exe |
"UDP Query User{AEE93F82-36B7-4379-8EC2-4A219FC0CEB5}D:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"UDP Query User{AFE77E48-6766-4827-BC77-0BAC6E0517DA}D:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"UDP Query User{B14C8C1B-8180-4B63-8664-E81DE525AF65}D:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"UDP Query User{B9B6DB92-8A93-40E6-B02C-C1777CEE0331}F:\deadspace2.exe" = protocol=17 | dir=in | app=f:\deadspace2.exe |
"UDP Query User{BCE1A52E-E2B8-49E8-9606-3BA610C36E80}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{BD617D8E-259F-4DCC-B96C-55B5E66543FE}D:\world of warcraft public test\launcherb.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\launcherb.exe |
"UDP Query User{BD85D28C-2EDC-42EA-AE22-BAB8AAD445CD}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{C0324FB3-5C7F-4623-8AC0-0F20AC5AE484}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{C0A250D7-4AA4-439B-ABF5-C52C9DCF5D5C}D:\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa 11\game\fifa.exe |
"UDP Query User{C16D8CA8-CBF1-4F40-B1C4-D5F167D23BA2}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12122-to-4.0.0.12164-engb-downloader.exe |
"UDP Query User{C483EFF8-9373-48AA-956E-B92EA5B26FE7}D:\lol\lol.launcher.exe" = protocol=17 | dir=in | app=d:\lol\lol.launcher.exe |
"UDP Query User{C8D78A1A-86AD-4DC7-A014-22A81795A523}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{C9A0179B-8153-4E9E-BF72-D6F08AA7A066}D:\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=d:\mortal kombat komplete edition\disccontentpc\mkke.exe |
"UDP Query User{CA8E897A-5D73-4B2A-B36B-F19CB6216632}D:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.1.0.2374-enus-ptr-tools-downloader.exe |
"UDP Query User{CA99292F-F159-4162-8701-70163F6E1714}D:\outlast\binaries\win32\olgame.exe" = protocol=17 | dir=in | app=d:\outlast\binaries\win32\olgame.exe |
"UDP Query User{CB24F894-8B98-4043-96F1-393A1B461C21}C:\programdata\battle.net\agent\agent.913\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"UDP Query User{D1A79145-41BE-45EF-9483-F00CBF8F165A}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12065-to-4.0.0.12122-engb-downloader.exe |
"UDP Query User{D46586AB-1843-46AC-AACE-F11E4CE2BD5A}D:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2685-enus-tools-downloader.exe |
"UDP Query User{D5B28625-8E9A-4DA8-866D-2C8D5237616C}D:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"UDP Query User{D6DFFBA1-C760-4CCF-BADE-8DDE89D94C3E}D:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.0.0.2104-enus-tools-downloader.exe |
"UDP Query User{D8FBD227-250B-46AB-8D57-3B09E4580A9C}C:\users\štepán\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\štepán\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{DAF0D1AC-F133-40BB-9C21-B77234156706}D:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"UDP Query User{DFB0B11A-E194-42DA-9E5F-A30AE6D945A7}D:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.0.1.2131-enus-ptr-tools-downloader.exe |
"UDP Query User{E020E94D-3C4F-4449-A97C-95CBD4C53EC7}C:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft beta\wow-4.0.0.12232-to-4.0.0.12266-engb-downloader.exe |
"UDP Query User{E1D51D70-DA60-42A6-B2D5-569DC1291C0A}D:\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"UDP Query User{F3BE4879-D1F2-4975-B6D2-029FE95C4675}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"UDP Query User{F67ABDBF-9A36-4138-AFF1-C9F5ECFF755E}C:\program files (x86)\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left 4 dead 2\left4dead2.exe |
"UDP Query User{F6E0A404-6DA9-486B-8957-C9C09B772870}D:\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft public test\temp\wow-4.2.1.2608-enus-ptr-tools-downloader.exe |
"UDP Query User{F7FA6CB4-6F94-484D-9C9E-D96C1A2F7FA1}D:\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\call of duty - black ops\blackops.exe |
"UDP Query User{F86E3141-10BB-4160-8844-AED1E9CF4B9F}C:\programdata\battle.net\agent\agent.868\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"UDP Query User{F890CA72-5BC4-4ADA-9C00-C53EADED2133}D:\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=d:\stronghold crusader\stronghold crusader.exe |
"UDP Query User{FDDD4138-0BF5-475F-A424-B8C5B159D26B}D:\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.1.2683-enus-tools-downloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00429B60-6F21-F75E-897F-EEA37B56C806}" = AMD Media Foundation Decoders
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2AE2789B-454A-0A8D-D848-38F1F7070C73}" = AMD Catalyst Install Manager
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5AD06A0A-1B07-F618-B880-688FCDE74079}" = AMD Accelerated Video Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BA8E03A9-BEFD-C9AB-7B1F-6F58BB9545D3}" = AMD Drag and Drop Transcoding
"{C616FD4F-11F5-11E0-A38F-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F9D06DFC-32E9-F40A-230C-9673E8DDC2F6}" = ccc-utility64
"0E74EB10C05C955C24243E6D3120CDC972FC5B1D" = Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500)
"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"ASUS WebStorage" = ASUS WebStorage
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DriverAgent.exe" = DriverAgent by eSupport.com
"F9FD5BBF579A4BFD40D38BE291F731666B27DC28" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam

Extras 2. část:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0201CB85-955D-60E0-4EC0-380D3B7FB80E}" = CCC Help Thai
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1456C739-DD89-70D6-E2C0-AF5CDDA5D90F}" = CCC Help Chinese Traditional
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20B0DF0F-10F7-64EF-4EA0-C82642223AC2}" = CCC Help Russian
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{265F885E-107E-A142-500D-5E86D3176D2F}" = CCC Help Greek
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2949F05A-0840-45E9-81AA-DFF630E2679E}" = Freeware PDF Unlocker
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{38136734-7051-347E-59C7-FF6CB35543ED}" = Catalyst Control Center InstallProxy
"{38F8D823-008D-4E5A-BBCE-867A86C2BF2B}" = Sound Blaster Audigy HD
"{3960C198-FEC4-C593-2248-0A5FDB8FF88A}" = CCC Help Hungarian
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{41E45D65-814E-45C9-898A-5C6A2BADEC77}" = PaperScan 2 Free Edition
"{4665F775-11B5-AEFB-8861-47703834248B}" = CCC Help German
"{46A2018B-3954-0B0C-F5EE-FDB07E405889}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3BFBE9-1FDD-E558-025E-E296E8F3CA34}" = Catalyst Control Center Localization All
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{553C9E3C-CC38-3C7B-4188-23C747273237}" = CCC Help Danish
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5C4C1F60-F86D-0494-C496-42B1B16DBEBC}" = Catalyst Control Center
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4A9DC2-AC2E-BAA4-FB72-5B09B444D4C9}" = CCC Help English
"{6BB6DA0C-58DB-0163-E446-2B315041B4FC}" = CCC Help Polish
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7E94B0E5-83E6-F980-F81E-2E74655DE671}" = CCC Help French
"{7FB95D00-6B0C-5075-B689-1F8F50024CC0}" = Catalyst Control Center Graphics Previews Common
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC71E37-9530-10E1-F73D-8E6880A17C26}" = CCC Help Finnish
"{8F05F450-C755-F948-C218-7788DC4F51F7}" = CCC Help Japanese
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9F012408-04EC-4989-932F-4C096117D2DD}_is1" = Mortal Kombat Komplete Edition
"{A103196A-792C-A348-F6E5-0DCB33DC6D0A}" = CCC Help Norwegian
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A30B38FA-99DA-97DD-F8DB-F8252C140651}" = CCC Help Portuguese
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.5 - Czech
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B6F6F91F-CEE7-0030-3436-5DDDB1B07046}" = CCC Help Dutch
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C127399A-BFB5-C9C2-F1D7-89E4C27AAF99}" = CCC Help Turkish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D5B94160-4A07-4956-9C73-8C5EEFEF180F}" = OpenOffice.org 3.3
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1B9CA9C-4403-184D-1FDC-647D360664C6}" = CCC Help Italian
"{E34CBAE0-5464-0542-5761-DEA44B32B5C0}" = CCC Help Czech
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E44C0D5F-CAD6-80AE-5686-3F6C0AA1440E}" = CCC Help Swedish
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI
"{EC6663B3-177C-3484-12A5-24B37983AAC2}" = CCC Help Chinese Standard
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED110DBC-19EC-6243-F26B-162DB415F19E}" = CCC Help Spanish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Áîň äë˙ đűáŕëęč â WoW by Mr.Sergey_is1" = Áîň äë˙ đűáŕëęč â WoW by Mr.Sergey
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Notebook_G73" = ASUS_Notebook_G73 Screen Saver
"avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"Garena" = Garena 2010
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.7.0 (Basic)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.1.1004
"Minecraft 1.7.2 1.00" = Minecraft 1.7.2 1.00
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"PokerStars" = PokerStars
"Portal 2 1.00" = Portal 2 1.00
"Scan to PDF" = Scan to PDF
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"World of Warcraft Beta" = World of Warcraft Beta
"World of Warcraft Public Test" = World of Warcraft Public Test

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-779688466-701959231-4131610901-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.5.2014 18:17:30 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 5.5.2014 18:17:30 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 6.5.2014 17:32:56 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 6.5.2014 17:32:57 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 7:23:20 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 7:23:22 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 7:30:44 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 7:30:44 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 18:34:27 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 7.5.2014 18:34:28 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

Error - 8.5.2014 8:20:17 | Computer Name = PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Parametr
není správný. .

[ OSession Events ]
Error - 30.3.2011 14:23:21 | Computer Name = PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 26.11.2012 11:52:16 | Computer Name = PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 45
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6.5.2014 15:45:01 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Služba Intel(R) Management & Security Application User Notification
Service závisí na službě Intel(R) Management and Security Application Local Management
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 6.5.2014 17:31:48 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 6.5.2014 17:31:48 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 7.5.2014 6:50:12 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Služba Intel(R) Management & Security Application User Notification
Service závisí na službě Intel(R) Management and Security Application Local Management
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 7.5.2014 7:21:29 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Služba Intel(R) Management & Security Application User Notification
Service závisí na službě Intel(R) Management and Security Application Local Management
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 7.5.2014 18:32:46 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 7.5.2014 18:32:46 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 8.5.2014 4:15:33 | Computer Name = PC | Source = Service Control Manager | ID = 7001
Description = Služba Intel(R) Management & Security Application User Notification
Service závisí na službě Intel(R) Management and Security Application Local Management
Service, která neuspěla při spuštění v důsledku následující chyby: %%1058

Error - 8.5.2014 6:55:48 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.

Error - 8.5.2014 6:55:48 | Computer Name = PC | Source = ACPI | ID = 327690
Description = ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti
PCI (0x4). Obraťte se na prodejce systému s žádostí o odbornou pomoc.


< End of report >

Odinstalujte MBAM


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: `tepán

User: Štepán
->Temp folder emptied: 1229969575 bytes
->Temporary Internet Files folder emptied: 103675246 bytes
->Java cache emptied: 6965650 bytes
->FireFox cache emptied: 253784319 bytes
->Google Chrome cache emptied: 399690573 bytes
->Opera cache emptied: 24241317 bytes
->Flash cache emptied: 9437 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 195398640 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 131809 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 111,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: `tepán

User: Štepán
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-779688466-701959231-4131610901-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CBAE06C1-C571-4AE4-A22B-6111C186070D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBAE06C1-C571-4AE4-A22B-6111C186070D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_USERS\S-1-5-21-779688466-701959231-4131610901-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-779688466-701959231-4131610901-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
C:\Windows\SysNative\drivers\~GLH0023.TMP deleted successfully.
C:\Users\Štepán\AppData\Roaming\AVG\AWL2014\Dashboard folder moved successfully.
C:\Users\Štepán\AppData\Roaming\AVG\AWL2014\Backups folder moved successfully.
C:\Users\Štepán\AppData\Roaming\AVG\AWL2014 folder moved successfully.
C:\Users\Štepán\AppData\Roaming\AVG\AWL\CrashDumps folder moved successfully.
C:\Users\Štepán\AppData\Roaming\AVG\AWL folder moved successfully.
C:\Users\Štepán\AppData\Roaming\AVG folder moved successfully.
C:\Windows\Installer\MSI4DED.tmp- folder deleted successfully.
C:\Windows\Installer\MSI6F4E.tmp deleted successfully.
C:\Windows\Installer\MSI70AA.tmp- folder deleted successfully.
C:\Windows\Installer\MSIBA39.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC980.tmp- folder deleted successfully.
C:\Windows\Installer\MSIC9CD.tmp deleted successfully.
C:\Windows\Installer\MSID9DE.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 05092014_153304

Files\Folders moved on Reboot...
C:\Users\Štepán\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

Reklamy, okna a všechny problémy co jsem s počítačem měl zmizely

To jsem rad

Jeste mi napiste velikost adresare plochy C:\Users\Štepán\Desktop

127mb

Velikost je OK. Plati totiz ze cim mensi plocha, tim sviznejsi je start i chod pc Najdou se i uzivatele, kteri maji na plose 100GB

PC zatim drzi? Jestli je vse v poradku, mame hotovo