VIRY.CZ

Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

ComboFix 14-10-15.01 - admin 18.10.2014 7:14.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6092 [GMT 2:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\admin\Desktop\CFScript.txt
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\zoek-delete.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\zoek_backup
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Alawar.ico
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Alawar.url
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Data\Data.pack
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Data\loc_en.pack
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\FarmFrenzy3_America.exe
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\FarmFrenzy3_America.wrp.exe
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Gamextazy.ico
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Gamextazy.url
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\HTMLayout.dll
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\JNGLoad.dll
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\local.log
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\manifest.xml
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\readme.html
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Register.ico
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Registrator.ini
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Squall.dll
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\unicows.dll
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\Uninstall.exe
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\config.ini
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\new_images\b_logo_game.jpg
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\carl-the-caveman.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\games.html
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\mysteries-of-horus.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\pharaoh-s-mystery.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\snowy-lunch-rush.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\snowy-space-trip.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\snowy-treasure-hunter-2.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\snowy-treasure-hunter.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wdata\othergames\strike-ball-2-deluxe.gif
c:\zoek_backup\C_PROGRA~2_Alawar\FarmFrenzy3AmericanPie\wrapper.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleCrashHandler.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleCrashHandler64.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleUpdate.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleUpdateBroker.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleUpdateHelper.msi
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleUpdateOnDemand.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\GoogleUpdateSetup.exe
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdate.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_am.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ar.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_bg.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_bn.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ca.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_cs.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_da.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_de.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_el.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_en-GB.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_en.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_es-419.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_es.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_et.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_fa.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_fi.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_fil.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_fr.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_gu.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_hi.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_hr.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_hu.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_id.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_is.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_it.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_iw.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ja.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_kn.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ko.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_lt.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_lv.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ml.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_mr.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ms.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_nl.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_no.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_pl.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_pt-BR.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_pt-PT.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ro.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ru.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_sk.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_sl.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_sr.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_sv.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_sw.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ta.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_te.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_th.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_tr.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_uk.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_ur.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_vi.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_zh-CN.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\goopdateres_zh-TW.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\npGoogleUpdate3.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\psmachine.dll
c:\zoek_backup\C_PROGRA~2_GUM3C15.tmp\psuser.dll
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_autoconfig.js.vir
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_pref.js.vir
c:\zoek_backup\C_PROGRA~3_HirezPipeError.txt.vir
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setup.dll
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setupx.dll
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\0.ini
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120401165007.log
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120401170550.log
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120401170631.log
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.dat
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.exe
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.ico
c:\zoek_backup\C_PROGRA~3_InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\TsuDll.dll
c:\zoek_backup\C_PROGRA~3_Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}v11.0.60610\packages\vcRuntimeMinimum_amd64\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}v11.0.60610\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}v11.0.51106\packages\vcRuntimeAdditional_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}v11.0.51106\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{764384C5-BCA9-307C-9AAC-FD443662686A}v11.0.60610\packages\vcRuntimeAdditional_amd64\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{764384C5-BCA9-307C-9AAC-FD443662686A}v11.0.60610\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
c:\zoek_backup\C_PROGRA~3_Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
c:\zoek_backup\C_PROGRA~3_Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
c:\zoek_backup\C_PROGRA~3_Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
c:\zoek_backup\C_PROGRA~3_Package Cache\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}v11.0.51106\packages\vcRuntimeMinimum_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}v11.0.51106\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi
c:\zoek_backup\C_PROGRA~3_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi
c:\zoek_backup\C_Users_admin_AppData_Local_Google_Chrome_User Data_Default_Extensions_pelmeidfhdlhlbjimpabfcbnnojbboma.crx.vir
c:\zoek_backup\C_Users_admin_AppData_Roaming_Cobalt\Roaming.rar
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\apps\list.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\appsMetaData.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\CT2304157.searchProtectorData
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\AddedAppDialog\app-added.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\AddedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\DefualtImages\icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\DetectedAppDialog\app-2go.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\DetectedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\DialogsAPI.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\EngineFirstTimeDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\EngineFirstTimeDialog\right-click.gif
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\excanvas.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\generalDialogStyle.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\images\ok-button.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\images\separation-line.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\images\warning.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\SearchProtector.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\NewSearchProtectorDialog\SearchProtector.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\PIE.htc
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\RoundedCorners.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\RoundedCornersIE9.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\bubble.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\bubble.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\images\information.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorBubbleDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\Images\info.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\Images\ok-on.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\Images\ok.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\SearchProtector.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorDialog\SearchProtector.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\settings.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\arrow.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\divider.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\facebook.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAddedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAppApprovalDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAppPendingDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\Dialogs\version.txt
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\feed\http___blog_xfire_com_rss_live_structured.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\feed\http___twitter_com_statuses_user_timeline_21817319_rss_history.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\feed\http___twitter_com_statuses_user_timeline_21817319_rss_structured.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\feed\http___www_xfire_com_blog_theblog_rss__live_structured.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\getAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\languagePack.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\LocalSettings.txt
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\postAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\searchInNewTabData.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\ServiceMap.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\ThirdPartyComponents.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\toolbarContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\unsharedAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT2304157\UserAdditionalComponents.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\apps\list.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\appsMetaData.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\AddedAppDialog\app-added.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\AddedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\DefualtImages\icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\DetectedAppDialog\app-2go.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\DetectedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\DialogsAPI.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\EngineFirstTimeDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\EngineFirstTimeDialog\right-click.gif
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\excanvas.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\generalDialogStyle.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\images\ok-button.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\images\separation-line.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\images\warning.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\SearchProtector.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\NewSearchProtectorDialog\SearchProtector.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\PIE.htc
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\RoundedCorners.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\RoundedCornersIE9.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\bubble.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\bubble.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\images\information.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorBubbleDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\Images\info.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\Images\ok-on.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\Images\ok.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\SearchProtector.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorDialog\SearchProtector.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\settings.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\arrow.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\divider.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\facebook.png
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAddedAppDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAppApprovalDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAppPendingDialog\main.html
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\Dialogs\version.txt
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\getAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\languagePack.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\LocalSettings.txt
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\postAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\searchInNewTabData.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\ServiceMap.json
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\ThirdPartyComponents.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\toolbarContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\unsharedAppsContextMenu.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_CT3072253\UserAdditionalComponents.xml
c:\zoek_backup\C_Users_admin_AppData_Roaming_Mozilla_Firefox_Profiles_j1u9vxj8.default_prefs_16.10.2014_0649_.backup.vir
c:\zoek_backup\C_Windows_Installer_{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe
c:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches\desktop.ini
c:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches\Indexed Locations.search-ms
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\060e9e6a661d1f9c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\09f8bc254f70ec91.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\0b59d63bda2e62c3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\1fb6227985a2fce3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\26c630d098e22dd5.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\272512937d9e61a4.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\287204568329e189.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\28bc8f716fd76a47.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\2c53092c95605355.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\2d2a509ceff733b2.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\31a0997e9a5b5eb3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\32c84fe32bb74d60.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\3917078cb68ec657.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\4ab6484130424366.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\526894ae950ac043.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\590ba23ce359fd0c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\5fa540f0713c83d7.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\610289e025a3ee9a.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\651c5d3cdbfb8bd1.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\6c59ac5e7e7a3ad0.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\6d03dad1035885d3.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\74094411002c284b.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\7a6cb6a25cf5278b.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\7d739884b160b28c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\7dabdcc3f5764072.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\7fe10bd754a8515c.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\811bd33d30ad5846.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\95f567698be8a182.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\9ca22afe2f9f4da2.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\9fe67e7741c96c62.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\a8556537add6dfc5.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\ad10a52aff5e038d.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\b4bee7ef17e4a724.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\ba69a189a5e831fb.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\c1fa887b03019701.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\c4d28dca2e7648be.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\ca3795245bf55e54.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d201ef9910cd39de.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d2e94710a5708128.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d79b9dfe81484ec4.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\d935aaa258df7756.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e0de16f883bea794.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\e8c1f24fdea84102.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\ecf19f297b8134c0.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\f60b6a078bcc2a00.fb
c:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_AVG Secure Search\cache\f998975c9cc711ee.fb
c:\zoek_backup\restore.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MBAMSWISSARMY
-------\Service_AVG Security Toolbar Service
-------\Service_MBAMSwissArmy
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-18 do 2014-10-18 )))))))))))))))))))))))))))))))
.
.
2014-10-18 05:21 . 2014-10-18 05:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-10-16 04:52 . 2014-10-16 04:38 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-16 04:52 . 2014-10-18 05:24 -------- d-----w- c:\users\admin\AppData\Local\Temp
2014-10-15 17:54 . 2014-10-15 17:57 -------- d-----w- C:\AdwCleaner
2014-10-15 05:27 . 2014-10-15 05:27 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2014-10-15 04:35 . 2014-07-07 02:06 5120 ----a-w- c:\windows\system32\msdxm.ocx
2014-10-15 04:34 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-12 18:29 . 2014-10-12 18:29 -------- d-----w- c:\users\admin\AppData\Roaming\Carbon
2014-10-04 15:20 . 2014-10-04 15:20 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-10-01 04:22 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 04:22 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-25 11:37 . 2014-09-04 19:14 38048 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-09-25 11:37 . 2014-09-04 19:14 32416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-09-24 12:20 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 12:20 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-23 21:19 . 2014-09-23 21:19 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-15 05:24 . 2011-12-27 06:37 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-04 13:58 . 2011-12-26 14:40 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-10-04 13:58 . 2011-12-26 14:14 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-10-04 13:58 . 2011-12-26 14:14 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-09-24 17:04 . 2011-12-21 13:04 25640 ----a-w- c:\windows\gdrv.sys
2014-09-24 15:47 . 2012-04-12 04:59 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-24 15:47 . 2011-12-26 13:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-04 19:14 . 2014-01-18 07:11 34976 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-08-25 16:47 . 2009-08-18 09:24 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-28 07:08 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 07:08 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-06 08:50 . 2014-08-06 08:50 123672 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2014-08-01 11:53 . 2014-09-10 04:51 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 04:51 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 13:50 . 2014-06-29 08:26 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2014-01-18 07:16 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-06-29 08:26 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2014-01-18 07:16 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-21 19:03 . 2014-07-21 19:03 244504 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-09-22 12:35 220632 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-09-22 12:35 220632 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-09-22 12:35 220632 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"GamingMouseEditor"="c:\program files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" [2012-08-17 3333120]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-10-17 55568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-08-25 5188112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Curse.lnk - c:\users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-8-6 6048520]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-18 04:58 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-09-22 12:35 244696 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-09-22 12:35 244696 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-09-22 12:35 244696 ----a-w- c:\users\admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-07 11858536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 217.195.165.131 217.195.160.10
FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - ExtSQL: 2014-10-14 11:56; extension@linkeyproject.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\extension@linkeyproject.com
FF - ExtSQL: 2014-10-14 12:06; faststartff@gmail.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\faststartff@gmail.com
FF - ExtSQL: !HIDDEN! 2014-10-14 12:06; faststartff@gmail.com; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\extensions\faststartff@gmail.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-Farm Frenzy 3: American Pie - c:\program files (x86)\Alawar\FarmFrenzy3AmericanPie\Uninstall.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2\MimeTypes\application/java-deployment-toolkit]
@DACL=(02 0000)
"Description"="Java™ Deployment Toolkit"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2\MimeTypes\application/java-deployment-toolkit;deploy=10.55.2]
@DACL=(02 0000)
"Description"="Java™ Deployment Toolkit"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;jpi-version=1.7.0_55]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.1]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.1.1]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.1.2]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.1.3]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.2]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.2.1]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.3]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.3.1]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.4]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.4.1]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.4.2]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.5]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.6]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-applet;version=1.7]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-vm]
@DACL=(02 0000)
"Description"="Java™ Virtual Machine"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2\MimeTypes\application/x-java-vm-npruntime]
@DACL=(02 0000)
"Description"="Java™ Applet"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\MimeTypes\application/x-silverlight]
@DACL=(02 0000)
"Description"="Ag Player Plugin(*.ag)"
"Suffixes"="ag"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\MimeTypes\application/x-silverlight-2]
@DACL=(02 0000)
"Description"="Ag Player Plugin(*.ag)"
"Suffixes"="ag"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3\MimeTypes\application/x-vnd.google.update3webcontrol.3]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9\MimeTypes\application/x-vnd.google.oneclickctrl.9]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\Adobe Reader\MimeTypes\application/pdf]
@DACL=(02 0000)
@=""
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\Adobe Reader\MimeTypes\application/vnd.adobe.xdp+xml]
@DACL=(02 0000)
@=""
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\Adobe Reader\MimeTypes\application/vnd.adobe.xfd+xml]
@DACL=(02 0000)
@=""
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\Adobe Reader\MimeTypes\application/vnd.adobe.xfdf]
@DACL=(02 0000)
@=""
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\MozillaPlugins\Adobe Reader\MimeTypes\application/vnd.fdf]
@DACL=(02 0000)
@=""
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-10-18 07:29:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-18 05:29
ComboFix2.txt 2014-10-17 19:42
.
Před spuštěním: Volných bajtů: 51 956 150 272
Po spuštění: Volných bajtů: 51 488 247 808
.
- - End Of File - - 6E78EAD81843A6006DD16B6691200A68
A36C5E4F47E84449FF07ED3517B43A31

Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2014-10-18 10:38:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (9%) free of 554 GB
Total RAM: 8175 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:00, on 18.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GamingMouseEditor] "C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" Minimum
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Startup: Curse.lnk = admin\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10019 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=af419b48-f380-4216-9f94-1e5588fa1d7e /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\0e811d0b-9433-4427-9e3a-3f00f2e83554-1b0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss d4b1a15d-7475-46b6-a209-3960c0844164 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "13884852387899027041691165171-3149047721579125483-818649159597457653-1263447299
\??\C:\Windows\system32\conhost.exe "-1730751777-2116244161-1186291507-18695120772139304751386859021837311050-1715503296
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2916
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe" Minimum
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=03eabf6b-c232-4246-aa49-655aa68b7467 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\71e9d92b-a6d8-4c28-8199-9756399aeb3e-1034-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
raptr_im.exe
"C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe" /uac /startup
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6132.0.1775471879\1420390188" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,44 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.1.4587805\13626716" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.3.1413169678\1660792522" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.4.1592853195\230706284" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.8.1015506976\236690766" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.24.1168530833\639177521" /prefetch:673131151
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4c26a521-a13b-4990-be62-4ee84e242790 -SystemEventPortName:HostProcess-ef4dd591-2500-4eb6-a7d3-127ed7942722 -IoCancelEventPortName:HostProcess-40581d77-16ec-4115-a4ac-98227be8ee96 -NonStateChangingEventPortName:HostProcess-d3bbe148-5364-4f51-9fec-57c3a2fc82a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:94a39b9a-490d-4774-818a-4346f12ab6ec -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.36.564753925\714686152" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group23 stable:pp1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="6132.38.461825175\254106228" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\admin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default

prefs.js - "browser.search.suggest.enabled" - true
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\j1u9vxj8.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-07 11858536]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"GamingMouseEditor"=C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe [2012-08-17 3333120]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-10-17 55568]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-08-25 5188112]

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
"HideSCAHealth"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-10-18 10:38:52 ----D---- C:\rsit
2014-10-18 10:38:52 ----D---- C:\Program Files\trend micro
2014-10-18 07:29:04 ----D---- C:\Windows\temp
2014-10-18 07:29:03 ----A---- C:\ComboFix.txt
2014-10-18 07:24:09 ----SHD---- C:\$RECYCLE.BIN
2014-10-17 21:33:46 ----A---- C:\Windows\zip.exe
2014-10-17 21:33:46 ----A---- C:\Windows\SWSC.exe
2014-10-17 21:33:46 ----A---- C:\Windows\SWREG.exe
2014-10-17 21:33:46 ----A---- C:\Windows\sed.exe
2014-10-17 21:33:46 ----A---- C:\Windows\PEV.exe
2014-10-17 21:33:46 ----A---- C:\Windows\NIRCMD.exe
2014-10-17 21:33:46 ----A---- C:\Windows\MBR.exe
2014-10-17 21:33:46 ----A---- C:\Windows\grep.exe
2014-10-17 21:33:42 ----D---- C:\Qoobox
2014-10-17 21:33:31 ----D---- C:\Windows\erdnt
2014-10-16 06:52:54 ----A---- C:\Windows\zoek-delete.exe
2014-10-15 19:54:56 ----D---- C:\AdwCleaner
2014-10-15 07:27:46 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 06:36:54 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 06:36:53 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 06:36:53 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 06:36:53 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 06:36:53 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 06:36:53 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 06:36:53 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 06:36:45 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-15 06:36:45 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-15 06:36:26 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 06:36:26 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 06:36:26 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 06:36:26 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 06:36:24 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 06:36:22 ----A---- C:\Windows\system32\mf.dll
2014-10-15 06:36:21 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 06:36:21 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 06:36:20 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 06:36:18 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 06:36:17 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 06:36:16 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 06:36:15 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 06:36:15 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 06:36:15 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 06:36:15 ----A---- C:\Windows\system32\ci.dll
2014-10-15 06:36:13 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 06:36:12 ----A---- C:\Windows\system32\winload.exe
2014-10-15 06:36:12 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 06:36:11 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 06:36:11 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 06:36:11 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 06:36:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 06:36:11 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 06:36:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 06:36:10 ----A---- C:\Windows\system32\evr.dll
2014-10-15 06:36:08 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 06:36:07 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 06:36:07 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 06:36:06 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 06:36:06 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 06:36:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 06:36:05 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 06:36:05 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 06:36:05 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 06:36:05 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 06:36:05 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 06:36:03 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 06:36:03 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 06:36:02 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 06:36:01 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 06:36:01 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 06:36:01 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 06:36:01 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 06:36:01 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 06:36:01 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 06:36:01 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 06:36:01 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 06:36:01 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 06:36:01 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 06:36:01 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 06:36:00 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 06:36:00 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 06:36:00 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 06:36:00 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 06:36:00 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 06:36:00 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 06:36:00 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 06:36:00 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 06:36:00 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 06:36:00 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 06:35:59 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 06:35:59 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 06:35:59 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 06:35:59 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 06:35:59 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 06:35:59 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 06:35:59 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 06:35:59 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 06:35:47 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 06:35:47 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 06:35:47 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 06:35:43 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 06:35:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 06:35:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 06:35:43 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 06:35:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 06:35:42 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:35:42 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 06:35:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 06:35:42 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 06:35:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 06:35:41 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 06:35:41 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 06:35:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 06:35:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 06:35:41 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 06:35:41 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 06:35:40 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 06:35:40 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 06:35:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 06:35:39 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 06:35:39 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 06:35:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 06:35:38 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 06:35:38 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 06:35:38 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 06:35:38 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 06:35:37 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 06:35:37 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 06:35:36 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 06:35:36 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 06:35:36 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 06:35:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 06:35:36 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 06:35:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:35:35 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 06:35:14 ----A---- C:\Windows\system32\msi.dll
2014-10-15 06:35:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 06:34:45 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 06:34:32 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 06:34:32 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 06:34:21 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 06:34:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 06:34:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 06:34:21 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 06:34:21 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 06:34:21 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 06:34:21 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 06:34:21 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 06:34:21 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 06:34:21 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 06:34:21 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 06:34:03 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 06:34:03 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 06:34:02 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 06:34:02 ----A---- C:\Windows\system32\packager.dll
2014-10-12 20:29:55 ----D---- C:\Users\admin\AppData\Roaming\Carbon
2014-10-04 17:20:17 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-10-01 06:22:08 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 06:22:08 ----A---- C:\Windows\system32\qdvd.dll
2014-09-25 13:37:59 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-25 13:37:59 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-24 14:20:46 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 14:20:46 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-18 10:38:52 ----RD---- C:\Program Files
2014-10-18 10:37:51 ----D---- C:\ProgramData\MFAData
2014-10-18 10:10:16 ----D---- C:\Windows\System32
2014-10-18 10:10:16 ----D---- C:\Windows\inf
2014-10-18 10:10:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-18 10:09:37 ----D---- C:\Users\admin\AppData\Roaming\Skype
2014-10-18 07:35:19 ----D---- C:\Users\admin\AppData\Roaming\Raptr
2014-10-18 07:31:46 ----D---- C:\ProgramData\NVIDIA
2014-10-18 07:30:46 ----D---- C:\Windows\system32\config
2014-10-18 07:29:05 ----D---- C:\Windows\system32\drivers
2014-10-18 07:29:04 ----D---- C:\Windows
2014-10-18 07:24:10 ----A---- C:\Windows\system.ini
2014-10-18 07:23:59 ----D---- C:\Windows\system32\drivers\etc
2014-10-18 07:18:32 ----D---- C:\Windows\SYSWOW64\drivers
2014-10-18 07:18:32 ----D---- C:\Windows\SysWOW64
2014-10-18 07:18:32 ----D---- C:\Windows\AppPatch
2014-10-18 07:18:31 ----D---- C:\Program Files (x86)\Common Files
2014-10-18 07:12:31 ----SHD---- C:\System Volume Information
2014-10-18 06:57:40 ----D---- C:\Program Files (x86)\Steam
2014-10-18 06:54:44 ----D---- C:\Program Files (x86)\Raptr
2014-10-18 06:53:07 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-17 21:33:36 ----D---- C:\Windows\Prefetch
2014-10-17 13:38:24 ----RD---- C:\Program Files (x86)
2014-10-17 13:29:15 ----D---- C:\Users\admin\AppData\Roaming\.minecraft
2014-10-16 20:36:32 ----D---- C:\Users\admin\AppData\Roaming\uTorrent
2014-10-16 20:36:26 ----D---- C:\Windows\Resources
2014-10-16 20:35:38 ----D---- C:\Users\admin\AppData\Roaming\vlc
2014-10-16 06:50:19 ----SHD---- C:\Windows\Installer
2014-10-16 06:50:17 ----D---- C:\ProgramData
2014-10-16 06:23:34 ----D---- C:\Windows\system32\catroot2
2014-10-15 20:58:23 ----D---- C:\Windows\rescache
2014-10-15 20:11:01 ----D---- C:\FRST
2014-10-15 15:07:37 ----D---- C:\Windows\Microsoft.NET
2014-10-15 15:05:01 ----RSD---- C:\Windows\assembly
2014-10-15 14:13:54 ----D---- C:\Users\admin\AppData\Roaming\TS3Client
2014-10-15 14:11:57 ----D---- C:\Windows\debug
2014-10-15 13:27:46 ----D---- C:\Windows\winsxs
2014-10-15 13:23:40 ----RSD---- C:\Windows\Fonts
2014-10-15 13:23:39 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 13:23:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 13:23:39 ----D---- C:\Program Files\Windows Media Player
2014-10-15 13:23:39 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 13:23:38 ----D---- C:\Windows\system32\en-US
2014-10-15 13:23:38 ----D---- C:\Windows\system32\Dism
2014-10-15 13:23:38 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 13:23:36 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 13:23:36 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 13:23:36 ----D---- C:\Windows\system32\Boot
2014-10-15 13:23:34 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 13:23:34 ----D---- C:\Program Files\Internet Explorer
2014-10-15 13:23:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 07:31:43 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 07:27:35 ----D---- C:\Windows\system32\MRT
2014-10-15 07:24:20 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 06:55:32 ----D---- C:\Windows\system32\Tasks
2014-10-15 06:55:28 ----D---- C:\Windows\Tasks
2014-10-15 06:33:58 ----D---- C:\Windows\system32\catroot
2014-10-15 06:31:24 ----D---- C:\Users\admin\AppData\Roaming\Curse Client
2014-10-14 12:07:52 ----D---- C:\ProgramData\AVG2014
2014-10-14 12:06:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-09 06:24:44 ----D---- C:\Program Files\CPUID
2014-10-05 15:46:15 ----D---- C:\Program Files (x86)\Origin
2014-10-04 15:58:54 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-10-04 08:38:18 ----D---- C:\Program Files (x86)\Origin Games
2014-10-04 08:37:46 ----D---- C:\ProgramData\Origin
2014-09-25 14:11:40 ----D---- C:\Users\admin\AppData\Roaming\SPORE
2014-09-25 13:38:03 ----D---- C:\Windows\system32\DriverStore
2014-09-24 19:04:43 ----SD---- C:\ProgramData\Microsoft
2014-09-24 17:47:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-24 06:26:48 ----D---- C:\Users\admin\AppData\Roaming\.mono
2014-09-23 23:19:22 ----D---- C:\ProgramData\Skype
2014-09-23 23:19:19 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-08-06 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-22 381440]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-06-17 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-03-21 49952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-28 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-07 2890984]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 aaj6qih2;aaj6qih2; C:\Windows\system32\drivers\aaj6qih2.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-09-24 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-12-21 30528]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-25 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-08-25 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-08-22 9216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-29 76152]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Jeste jeden sken a budem mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 18.10.2014 13:41:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 3,68 Gb Available Physical Memory | 46,11% Memory free
15,97 Gb Paging File | 11,91 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 540,79 Gb Total Space | 47,58 Gb Free Space | 8,80% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 335,14 Gb Free Space | 85,80% Space Free | Partition Type: NTFS
Drive H: | 14,52 Gb Total Space | 14,52 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.18 13:05:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2014.10.17 21:49:12 | 006,048,520 | ---- | M] (Curse, Inc) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
PRC - [2014.10.17 20:24:56 | 000,045,840 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2014.10.17 20:24:54 | 000,066,832 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.17 04:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014.07.02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.06.29 18:29:57 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.08.17 11:23:07 | 003,333,120 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
PRC - [2010.04.22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe


========== Modules (No Company Name) ==========

MOD - [2014.10.15 23:44:26 | 002,407,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\ltc_host_ex.dll
MOD - [2014.10.15 15:06:29 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9370714a38ae2805434296b26a9f5b14\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014.10.15 15:06:28 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014.10.15 15:06:27 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\63e9d81bd805aea8f8690fee2efc9a9e\PresentationFramework-SystemCore.ni.dll
MOD - [2014.10.15 15:06:27 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll
MOD - [2014.10.15 15:05:45 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\7f372539d1837d70e88821cc20ed6530\System.Net.Http.ni.dll
MOD - [2014.10.15 15:05:44 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014.10.15 15:05:33 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll
MOD - [2014.10.15 07:33:29 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014.10.15 07:33:21 | 013,643,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\d12ecb88500237067aa30b40081d51b7\System.Web.ni.dll
MOD - [2014.10.15 07:33:21 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014.10.15 07:33:18 | 000,785,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\b09b4172f3978fe066418f429795661a\System.EnterpriseServices.ni.dll
MOD - [2014.10.15 07:33:18 | 000,250,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\b09b4172f3978fe066418f429795661a\System.EnterpriseServices.Wrapper.dll
MOD - [2014.10.15 07:33:17 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\a26884cd80c1d4a7e3f00c795e5cb305\System.Transactions.ni.dll
MOD - [2014.10.15 07:33:17 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\6c97a46aff5154a7217a528e86698ab3\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014.10.15 07:33:16 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014.10.15 07:33:15 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014.10.15 07:33:15 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\54565a827b0e5a6f78e93e2ae06dd0e4\System.Runtime.Remoting.ni.dll
MOD - [2014.10.15 07:33:14 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014.10.15 07:33:14 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014.10.15 07:33:13 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll
MOD - [2014.10.15 07:33:12 | 001,947,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\dd47bb843c62ff156baac3ff9fd23fa9\Microsoft.VisualBasic.ni.dll
MOD - [2014.10.15 07:33:12 | 001,046,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll
MOD - [2014.10.15 07:33:09 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014.10.15 07:33:09 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014.10.15 07:33:09 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014.10.15 07:33:08 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014.10.15 07:33:08 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014.10.15 07:33:07 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014.10.15 07:33:06 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014.10.15 07:33:05 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014.10.10 04:04:04 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.06.18 02:56:00 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2014.05.19 17:05:14 | 000,437,248 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
MOD - [2014.05.19 17:04:42 | 000,307,712 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\opus.dll
MOD - [2014.05.14 01:26:54 | 001,662,464 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2014.05.14 01:26:54 | 000,494,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2014.05.14 01:26:52 | 005,812,736 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2014.05.14 01:26:52 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2014.05.14 01:26:40 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2014.02.14 11:34:07 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.02.14 11:34:06 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll
MOD - [2014.02.13 22:02:09 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014.02.13 22:02:09 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2013.11.21 02:05:26 | 000,256,000 | ---- | M] () -- C:\Program Files (x86)\Raptr\amd_ags.dll
MOD - [2013.05.10 01:52:58 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2013.05.10 01:52:58 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2013.05.10 01:52:56 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2013.05.03 20:57:16 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2013.05.03 20:57:14 | 001,053,730 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2013.05.03 20:57:06 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2013.05.03 20:57:04 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2013.05.03 20:57:02 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2013.05.03 20:57:00 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2013.05.03 20:56:50 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2013.05.03 20:56:46 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2013.05.03 20:56:44 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2012.08.17 11:23:07 | 003,333,120 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
MOD - [2011.08.10 13:43:19 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_Wheel4D.dll
MOD - [2011.05.20 16:52:09 | 000,901,632 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\ProfileHint\ProfileHint.dll
MOD - [2011.04.12 15:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.04.06 16:06:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_PenSuit.dll
MOD - [2011.03.21 19:33:17 | 000,999,424 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011.02.15 20:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011.02.15 20:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2011.01.09 20:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 17:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.23 01:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010.11.23 00:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010.11.23 00:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010.11.23 00:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010.11.23 00:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010.11.23 00:57:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32trace.pyd
MOD - [2010.11.23 00:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010.11.23 00:57:06 | 000,263,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
MOD - [2010.11.23 00:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010.11.23 00:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010.11.23 00:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010.11.23 00:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010.11.23 00:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010.11.23 00:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010.11.23 00:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010.11.23 00:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010.11.23 00:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010.11.23 00:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010.11.23 00:56:02 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Raptr\select.pyd
MOD - [2010.11.23 00:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
MOD - [2010.11.01 20:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 14:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 14:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_ScrollbarControl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.17 04:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.08.25 14:15:43 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014.09.24 17:47:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.23 06:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.08.22 15:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014.07.02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.06.29 18:29:57 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.09.17 04:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.09.04 21:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014.07.21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014.06.30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014.06.17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014.06.17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014.06.17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014.06.17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014.06.17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014.03.21 07:47:46 | 000,049,952 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014.01.22 19:34:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.01.22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.11.28 15:42:09 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.11.28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.26 10:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.16 16:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.15 14:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 14:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 14:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.10.05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2014.09.24 19:04:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.12.21 15:05:18 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{56BDA143-45F6-1B1F-30C0-5B302351896D}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2537}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{18E128BE-23DF-43AA-B7E8-39B281D3B273}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{19BB1D2D-3D1A-45CE-B9C9-0B02CB4BBE79}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{33D8DCAE-DB5A-48BB-A4CB-56CC355BBC7C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{3999A50A-EE8B-40C5-9FAC-87BEA3F78A60}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{56BDA143-45F6-1B1F-30C0-5B302351896D}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{676DE352-54FE-4439-8EBC-2F74DBD03EB7}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{71C1095D-B2A0-4549-AC26-D1004A7A8FE5}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{91D73228-6611-417c-83E2-D232220544CE}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{A7C4C61A-AAD9-4BC2-967A-296E63C840E7}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{B1D5E8A3-91DE-42D9-9AAD-731FA75B4EF9}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{E75ECBAC-DB98-4013-BC29-50DDCDB9F41B}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\624342E2D3A94BE5A47DB9E254A55144: "URL" = http://isearch.avg.com/search?cid={EA0E ... 2012-01-20 07:35:03&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.3.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnG=Google+Search&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.27 08:45:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.09.17 13:32:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2012.01.30 19:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2014.10.15 19:57:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\j1u9vxj8.default\extensions
[2014.05.24 20:10:30 | 000,007,911 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\j1u9vxj8.default\searchplugins\Google.xml
[2014.06.20 07:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.07.02 09:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.09.14 20:21:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J1U9VXJ8.DEFAULT\EXTENSIONS\EXTENSION@LINKEYPROJECT.COM
File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J1U9VXJ8.DEFAULT\EXTENSIONS\FASTSTARTFF@GMAIL.COM
[2011.12.21 09:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 08:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 08:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 08:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 08:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 08:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg\1.0.3.1_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.20_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.10.3_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo\1.4_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.10.18 07:23:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000..\Run: [GamingMouseEditor] C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe ()
O4 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk = C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.195.165.131 217.195.160.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46FE2406-099A-47C5-806C-DF48FFD23A86}: DhcpNameServer = 217.195.165.131 217.195.160.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE6F42A-B4B7-4384-AA57-125CFCBBCF42}: DhcpNameServer = 217.195.165.131 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.10.18 13:05:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.10.18 10:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.18 10:38:52 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.18 07:29:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.10.18 07:24:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.10.17 21:33:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.10.17 21:33:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.10.17 21:33:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.10.17 21:33:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.10.17 21:33:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.10.17 21:27:08 | 005,583,559 | R--- | C] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2014.10.16 06:52:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Temp
[2014.10.15 19:54:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.10.15 07:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014.10.15 06:36:53 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.10.15 06:36:53 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.10.15 06:36:53 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014.10.15 06:36:53 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014.10.15 06:36:53 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014.10.15 06:36:53 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014.10.15 06:36:26 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2014.10.15 06:36:26 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2014.10.15 06:36:26 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2014.10.15 06:36:26 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2014.10.15 06:36:24 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.10.15 06:36:22 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.10.15 06:36:21 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2014.10.15 06:36:21 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2014.10.15 06:36:20 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.10.15 06:36:18 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.10.15 06:36:17 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2014.10.15 06:36:16 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.10.15 06:36:15 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014.10.15 06:36:15 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.10.15 06:36:15 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2014.10.15 06:36:14 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014.10.15 06:36:13 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014.10.15 06:36:13 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.10.15 06:36:12 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014.10.15 06:36:12 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014.10.15 06:36:11 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.10.15 06:36:11 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014.10.15 06:36:11 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014.10.15 06:36:10 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.10.15 06:36:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2014.10.15 06:36:08 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.10.15 06:36:07 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014.10.15 06:36:06 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.10.15 06:36:05 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.10.15 06:36:05 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014.10.15 06:36:05 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2014.10.15 06:36:05 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2014.10.15 06:36:05 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.10.15 06:36:05 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2014.10.15 06:36:05 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2014.10.15 06:36:05 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2014.10.15 06:36:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2014.10.15 06:36:01 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2014.10.15 06:36:01 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2014.10.15 06:36:01 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2014.10.15 06:36:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014.10.15 06:36:01 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2014.10.15 06:36:01 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014.10.15 06:36:01 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2014.10.15 06:36:01 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014.10.15 06:36:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014.10.15 06:36:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.10.15 06:36:00 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2014.10.15 06:36:00 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014.10.15 06:36:00 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2014.10.15 06:36:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2014.10.15 06:36:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014.10.15 06:36:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014.10.15 06:36:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014.10.15 06:36:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2014.10.15 06:35:59 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.10.15 06:35:59 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.10.15 06:35:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2014.10.15 06:35:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2014.10.15 06:35:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2014.10.15 06:35:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2014.10.15 06:35:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2014.10.15 06:35:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2014.10.15 06:35:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014.10.15 06:35:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014.10.15 06:35:47 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.15 06:35:47 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.15 06:35:47 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.15 06:35:43 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.10.15 06:35:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.10.15 06:35:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.10.15 06:35:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.10.15 06:35:42 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.10.15 06:35:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.15 06:35:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.15 06:35:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.10.15 06:35:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.10.15 06:35:41 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.10.15 06:35:41 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.10.15 06:35:41 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.10.15 06:35:41 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.10.15 06:35:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.10.15 06:35:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.10.15 06:35:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.10.15 06:35:40 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.10.15 06:35:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.10.15 06:35:39 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.10.15 06:35:39 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.10.15 06:35:39 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.10.15 06:35:39 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.10.15 06:35:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.10.15 06:35:39 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.10.15 06:35:38 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.10.15 06:35:38 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.10.15 06:35:38 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.10.15 06:35:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.10.15 06:35:37 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.10.15 06:35:37 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.10.15 06:35:36 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.10.15 06:35:36 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.10.15 06:35:36 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.10.15 06:35:36 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.10.15 06:35:35 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.10.15 06:35:14 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.10.15 06:34:45 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.10.15 06:34:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014.10.15 06:34:32 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014.10.15 06:34:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.10.15 06:34:21 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014.10.15 06:34:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014.10.15 06:34:03 | 006,584,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.10.15 06:34:03 | 005,703,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.10.15 06:34:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.10.15 06:34:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.10.12 20:29:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Carbon
[2014.10.08 06:29:51 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\KSP_win
[2014.10.07 14:00:59 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\ksp-win64-0-24-2
[2014.10.04 17:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.10.01 06:22:08 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.10.01 06:22:08 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.25 13:37:59 | 000,038,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.09.25 13:37:59 | 000,032,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.09.23 23:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.09.23 23:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.10.18 13:09:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.18 13:05:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.10.18 12:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.18 10:35:10 | 001,222,144 | ---- | M] () -- C:\Users\admin\Desktop\RSITx64.exe
[2014.10.18 10:10:16 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.18 10:10:16 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.18 10:10:16 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.18 10:10:16 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.18 10:10:16 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.18 07:40:32 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.18 07:40:32 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.18 07:31:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.18 07:31:41 | 2134,253,567 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.18 07:23:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.10.17 21:25:02 | 005,583,559 | R--- | M] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2014.10.17 18:05:23 | 000,090,340 | ---- | M] () -- C:\Users\admin\Desktop\10603669_832087876850161_5065591257805604012_n.jpg
[2014.10.16 06:38:21 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014.10.15 13:26:24 | 005,044,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.10.10 04:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.10 04:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.10 04:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.08 15:07:18 | 001,128,793 | ---- | M] () -- C:\Users\admin\Desktop\Krevní obraz - David Jonáš 001.jpg
[2014.10.08 14:19:41 | 000,896,382 | ---- | M] () -- C:\Users\admin\Desktop\Oční vyšetření - David Jonáš.jpg
[2014.10.04 15:58:54 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.10.04 15:58:54 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.10.04 15:58:31 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.09.26 00:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.09.26 00:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.09.26 00:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.09.25 04:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.25 03:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.09.24 19:04:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014.09.24 17:47:11 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.09.24 17:47:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.09.19 03:55:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.09.19 03:40:43 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.09.19 03:40:03 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.09.19 03:39:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.09.19 03:38:27 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.09.19 03:36:57 | 005,829,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.09.19 03:30:58 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.09.19 03:27:09 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.09.19 03:26:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.09.19 03:25:09 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.09.19 03:18:02 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.09.19 03:14:28 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.09.19 03:06:47 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.09.19 03:01:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.09.19 03:01:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.09.19 03:01:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.09.19 03:00:45 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.09.19 02:59:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.09.19 02:58:03 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.09.19 02:53:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.09.19 02:51:24 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.09.19 02:50:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.09.19 02:49:31 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.09.19 02:42:57 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.09.19 02:42:56 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.09.19 02:40:12 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.09.19 02:36:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.09.19 02:32:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.09.19 02:18:55 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.09.19 01:59:26 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.09.19 01:52:24 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.10.18 13:09:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.18 10:38:39 | 001,222,144 | ---- | C] () -- C:\Users\admin\Desktop\RSITx64.exe
[2014.10.17 21:33:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.10.17 21:33:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.10.17 21:33:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.10.17 21:33:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.10.17 21:33:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.10.17 18:05:23 | 000,090,340 | ---- | C] () -- C:\Users\admin\Desktop\10603669_832087876850161_5065591257805604012_n.jpg
[2014.10.16 06:52:54 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014.10.08 15:06:30 | 001,128,793 | ---- | C] () -- C:\Users\admin\Desktop\Krevní obraz - David Jonáš 001.jpg
[2014.10.08 14:18:56 | 000,896,382 | ---- | C] () -- C:\Users\admin\Desktop\Oční vyšetření - David Jonáš.jpg
[2014.05.04 16:07:49 | 000,000,049 | ---- | C] () -- C:\Users\admin\AppData\Roaming\install.imp
[2014.02.20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2014.01.21 20:09:01 | 000,007,619 | ---- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2013.12.31 20:39:52 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.11.27 17:10:31 | 000,000,536 | ---- | C] () -- C:\Windows\eReg.dat
[2013.10.16 15:44:54 | 000,707,354 | ---- | C] () -- C:\Windows\unins000.exe
[2013.10.16 15:44:54 | 000,001,531 | ---- | C] () -- C:\Windows\unins000.dat
[2013.09.15 12:06:35 | 000,000,134 | ---- | C] () -- C:\Users\admin\AppData\Roaming\WB.CFG
[2013.08.05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013.08.05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.10.17 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.minecraft
[2014.09.24 06:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.mono
[2014.08.28 20:15:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.technic
[2013.03.10 17:49:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.techniclauncher
[2013.08.12 12:10:00 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\3909
[2014.04.25 13:55:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG
[2014.08.28 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG2014
[2013.12.20 14:21:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Awesomium
[2014.04.16 10:20:41 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BANDISOFT
[2014.01.22 14:05:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Blockscape
[2014.10.12 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Carbon
[2014.08.28 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse
[2014.10.15 06:31:24 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse Client
[2014.09.12 14:21:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2014.01.19 15:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Double Fine
[2014.01.22 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2014.01.29 20:15:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Facepunch
[2013.08.25 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Fatshark
[2012.03.17 20:13:01 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Firefly Studios
[2012.04.04 15:14:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\flightgear.org
[2012.04.04 15:14:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\fltk.org
[2014.09.08 11:44:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HeroesAndGeneralsDesktop
[2014.05.13 10:13:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Java Map
[2013.12.16 08:29:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Kalypso Media
[2013.04.01 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\L.A.Noire
[2011.12.25 10:30:24 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2014.08.28 21:44:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\library_dir
[2013.08.29 21:14:44 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Little Inferno
[2013.03.12 19:47:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\LolClient
[2013.05.15 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Mount&Blade Warband
[2014.02.28 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\mPVR58rQ
[2012.07.29 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Need for Speed World
[2013.12.01 18:03:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\No Company Name
[2011.12.27 08:45:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opera
[2013.12.29 17:02:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Origin
[2014.10.18 11:33:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Raptr
[2014.01.22 19:32:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Seznam.cz
[2012.04.23 13:27:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SFBot
[2014.02.21 08:28:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Software Bisque
[2014.07.12 19:01:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SpaceEngineers
[2014.09.25 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SPORE
[2013.12.02 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.12.25 10:09:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Telefónica Móviles
[2013.11.28 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\The Creative Assembly
[2014.10.15 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TS3Client
[2012.01.20 14:46:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2013.02.03 18:08:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Unity
[2014.10.16 20:36:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2013.10.16 19:07:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\VitySoft
[2013.02.24 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wargaming.net
[2012.09.30 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wings3D
[2013.02.04 15:15:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.04 15:15:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 18.10.2014 13:41:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 3,68 Gb Available Physical Memory | 46,11% Memory free
15,97 Gb Paging File | 11,91 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 540,79 Gb Total Space | 47,58 Gb Free Space | 8,80% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 335,14 Gb Free Space | 85,80% Space Free | Partition Type: NTFS
Drive H: | 14,52 Gb Total Space | 14,52 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08279E5D-6DE3-4EB4-B5CB-40042C30E530}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2253C074-8B4E-4876-998B-5CB641AFDE34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A3FB1E5-1BA1-4614-9572-EDB9FD0E8369}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4977B085-0ACF-4F35-A767-1D18F8F66022}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{52832444-8B37-48C5-AF71-B313876DECCC}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{58616E01-E194-4C4F-B3B1-292565A15FC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FABB182-5521-4D32-9C57-3086D39E9BD5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A4BB455-EFAE-43DC-8F88-9EE07B6682B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{891729FA-1AA3-48C8-9D14-71E43222A116}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{89AE0925-B75A-4DE0-B814-1FAC3F750697}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F13C3B6-216C-44E2-B1C8-AF8FA729253E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{90782A83-C8C5-4B35-8786-26281CFEDE17}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A15E4613-F093-4667-BF54-C0271F02135C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BB7E505E-1B6C-4F63-A52F-760B4DB5BF86}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0BFB394-8E6D-4678-9FFC-4330B04AC49D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB67EBF3-7162-4B60-840C-8D831154560D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4B71AD9-D5FE-4D1E-9296-C689B4F6ABD9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DEAC8F2B-B280-430B-B975-7DC7EE124A9C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7F788FF-C0DC-4655-80A4-D2ED61ABBCAD}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{EB03D10B-B1B2-4D5C-93D1-1742EAA7B882}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EDA578BF-2881-43D2-A246-8E490E87F226}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EF002158-5C9C-44DF-BB49-1FF79276EBD8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BC0F7-6A94-46FA-88EF-6CDDCAE35655}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0270B808-2A11-4F53-A119-D452CB662F15}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{035B9F46-11D9-416A-BA85-C21E802D6937}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dcsworld\run.exe |
"{050C5EB4-D940-4A83-84A9-C25187E08EFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{0671433D-629A-4B8B-95FE-3703979CB7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{07C0F038-7833-4938-AAF7-444CBB06A1B0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{0A524C07-C0A2-45E2-9195-27ECA73AED13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{0A7660CE-6C13-4941-84D4-EBB401E361E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{0A91EC14-BF34-4B00-8C6D-574D7FBC873E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{0AB9B6C9-209C-481C-8BEA-B3DAC29F50F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0C5CB6C0-F927-4883-9EE2-F9EE22046C16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{0CB6B851-E4F5-4E4B-A0D8-D2EF3F626316}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dcsworld\run.exe |
"{0E6C7C1D-053A-4817-B109-B1284F29BE11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{0F49FCEA-78D0-4D65-86AB-FD9A18DDC5B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wolves\starwolves.exe |
"{1237B92E-F2DC-40E1-9903-6B30AE4C0B22}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{12B55697-7FBE-40F7-8E6D-42411DA36E49}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2.exe |
"{131F3815-6BE2-4E0D-98EF-C14F1C2D5189}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{1342D5DD-22D9-4219-BC6E-C998D3E506D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\take on mars\tkom_loader.exe |
"{142C39EF-BBC0-4F0C-9A4F-8F9E4F3EEAF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{148908B2-1AA0-451C-8DAE-73DDA338C1C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{1654D0B0-471C-4B61-9D2B-8ADEA5A7B5B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1690F089-8AFF-41A6-A209-DD5EA878CC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{18F7AA2B-6F9E-404F-B404-C4474E226631}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{19A940BB-5F8F-4CFE-B92A-1C8A79EC93B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{19DF3862-D3EF-42A0-A128-585727E2B8FE}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{1BD3D90F-0245-4F07-8754-D2C72CC8A626}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1C81FE88-8CC5-45D2-A9EC-A6E51F6CD86A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{1DEF2252-6029-4D71-B1A3-FCC5C4451D6F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{1E35617A-DE1F-451C-9C0F-16DD535268CA}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{2093E11D-D877-414D-99FA-7884BF0050B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20A4D979-C924-4862-98B8-3592BDA5C428}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{229CBE5E-F051-488B-BE61-435FD417768A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{22C03675-DCCE-480A-A457-CCBE66DD0F28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{2365F7DD-8146-447F-B851-1F5D6C057768}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{261251D5-2C1C-444B-8816-BA9FA85C5668}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{26BA05DA-E593-4982-9FD0-9A632B58118C}" = dir=in | app=c:\users\admin\appdata\local\microsoft\skydrive\skydrive.exe |
"{2C7E69D4-A15E-4AB0-A276-FF6004D079C8}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{2D424B3E-7DAC-493B-8C8B-F88B12A2815E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\configtool.exe |
"{2F342F54-D475-4FF3-9BE8-D0116670CC60}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{2FA0AFAC-5C7C-49C5-90E4-93170EDA5AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{2FB9042D-C5BA-4219-B3A3-952BDB6B860F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2FE04A8F-5C9A-4BC7-B003-40F4D6559CEC}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{30DE3348-073E-446F-A6ED-7EB657BF26C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{3116E4CD-ACFD-4918-9E3D-05E5F0663B98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{31A6420D-6EAC-471D-847D-23081516CF30}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{324F78C1-EE61-479A-BC98-C0DB39A1DD14}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3446D853-7B38-45D6-A470-0F73F1DD2E82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{344D1C70-03C1-41D0-B887-8D0F21CFA820}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34F10C01-8C0E-4B85-8703-22810CA7FFE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{375E5F58-F655-413E-AB65-64538F154805}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{37B88089-E7CB-4E45-814F-BEE587764C6D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{37FEC4AA-1758-4B89-9CD4-9E2735760FD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{390BF375-1B7E-412D-8FE8-3073303E6647}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{3C2636DB-6460-4FBE-8416-8E22C7BB8F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{3CD019DB-8FAF-47A3-B9DD-A9705BE3A479}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{41903B16-5C9D-4294-9600-8F29B810D646}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{42A11F0F-389C-48E3-AFC1-1FDED45D1D4E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{437C90D1-B70C-4670-B869-79AB60D83053}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{44185701-BE7D-4023-856B-7926C22FCEE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{45464091-75D6-490A-9FDE-18FAB45B4CBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{4679372A-55F3-411C-BB8A-8E677859CE6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4AFA089F-3CCA-4B66-B89B-B7DB54807EDA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{4B6AC7BA-0827-4FB8-89A3-9E8B3BD72EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{4F3317A6-05BA-4F27-A75F-9AB2E71314D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{50B69E8B-041B-4C31-BD8D-4FDF2A943466}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{5102F0FC-2651-44FE-BDB4-A5839C17DB22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{525D03F8-C7B2-4A40-9382-22E8039EE850}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{53D2D036-6352-4641-B4C9-7419AF54A49C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{53FA572E-4F83-45F1-BDDD-3009475860C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{54E42A30-A181-4ABA-BC10-541800CE2A97}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{5662A918-BAFD-40CD-8689-08AB8F339522}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{58471AC0-1714-4AD2-9A7E-C095ADBB951A}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{584DCC2B-7864-450A-9F05-B66F7A20AAA0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5A39657E-E48D-4398-8E5D-E81D5AFD197F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5D758B93-EA2D-484B-9EEF-66858B8F27A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{6063B793-38A2-4D0D-A145-81089EBB7BC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{60A243A3-3DEB-4804-8F24-24CD0827C77B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{60A90ADF-4EC7-4802-82A7-D9B40C341612}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{60D8BDE4-0E45-42F3-A1AF-47D0510922AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{61426279-E879-4094-A94D-F3264B744C91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{644542DE-11CE-4CAC-97B0-5C5E4E827350}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{678DF708-0E48-4C63-83B4-651BBE091972}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\configtool.exe |
"{67C84791-FB32-4DFE-9E59-79DDEA6B8FA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\viking.exe |
"{68AC891E-9B5D-4F7C-B7C3-3EF3D4E4E809}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69484E41-E9FF-44A5-914C-E22C88617F79}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69D0E4EA-F47D-4D27-B51B-14780C2E4F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{6B006E7B-5302-4FF2-88F9-E823ED94FDB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{6CA2B257-4BFC-49CB-9AE3-FE0B29139F47}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{6CE9F8C3-677F-4AB0-8C19-842C228F9FD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{6EAE7287-1F24-4040-8FA7-7714E6651949}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{6F59782D-3D6D-411A-8695-D63018BDCEBA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{6F6C4EC8-BD41-4674-8AF7-9EF3E6874CBC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{7186E2D4-61EC-434C-8BA6-E83F78FCB641}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{729D19A9-1D98-4607-869B-558C867D811A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7380E099-CBD2-4CE3-972E-F28C43D3B1AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{75E8FD3D-71A3-4BDF-9CB4-BFBF8511094E}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{762A159F-585C-4E67-909D-03073C9C26EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{764A3D6E-4CCE-4262-9AFA-5262BAEF29B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B8A8230-021A-46C0-9048-0340104F3A72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{7E52E8F1-3DDE-4C19-80EE-7B7CB175740D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7F03B214-9459-4731-97C0-081342B05C81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81B6D2ED-A38F-4B56-9392-D93FA10EA234}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{81B8D287-DC94-4CFC-B146-5A665DCC4DC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{826B31C4-EBD1-4121-AB59-AF1A169FE7D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{8325BB09-55E8-425C-92DD-CE1A89377462}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8336D767-1224-40A0-93C3-D70BAA9A2496}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83573846-063E-4C55-BFE4-9A1EAFDA4F1D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8362D881-05FC-4BB0-8F00-81B77623C8AC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A1D365A-1AFA-4FDB-AF07-FEDE886E045B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{905BC7E2-662B-4D83-9C90-92FBE972E84D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{9327B8FB-F82B-439C-B84B-ED64FA99AF24}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{944C3293-874B-44AA-9FCE-09FC2E4FD87B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{96AE396D-7C96-40D0-9A32-CAA0B8166B95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{9757A46A-2150-4568-9FB6-BB377D5BDF8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{989AFCB6-A431-4719-9386-7CAB0B749B9B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9BC70DC0-AE68-439F-9B31-A7316EC89DBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{A16878CA-72E1-41D7-9EEC-AB5EDE2B9417}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{A1942E96-6198-4540-82F3-96067AB2CED8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2B82FA1-1D65-44B2-A700-9E1DB7534A98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A558E497-3303-436F-8CFA-2198B6401E87}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A574BE68-B6AC-4AEB-BCE5-918EA97B5682}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5CBFEC2-A81E-41EA-BC00-2458859FB86F}" = protocol=6 | dir=out | app=system |
"{A695553C-EBDD-4B8D-8C48-D7FCB9044D23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{A7DEE4BC-8383-4C40-A2C3-3B1550EA35BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A8A28038-E99C-4160-9090-7F8857ED78E9}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{A950761C-CEAB-4C1B-A1B5-BAE9574D41BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{A953E2C3-245C-4B86-9409-1C00A4D761DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A9666CF6-52DC-4CE4-9A41-7BF043DEC06A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A9980C62-D5F5-4152-A708-7FE87341DADA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{AA109485-4259-4A08-A924-5318302710C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{AAE5E640-AB79-4A7B-8510-7D712D588662}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the vikings limited public alpha\run_game.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ABD1CBCC-AE9D-4A3C-940D-C6F2D12FD8DF}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{ABD5845E-5BF2-4EFB-88BE-2EB856BCFCD4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{ABDF3337-4426-4002-A8DE-C46F3E9BC4DB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{AD0BBC02-E0F4-4F13-A0AA-58BCF29AA99A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{AD8C7937-1097-4DB4-9E78-FDBFBA29ED11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{AF1C00F8-A785-43B3-B81D-DB35EEA194F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B11787C8-9CB9-4AA3-A945-A645CA07F296}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{B2334217-EAA4-43F7-A075-986C1AC6FB95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B24766F2-D990-41B3-B2B1-39E0AA0FC7B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7EEA85B-3FE5-45BF-B10D-097465469052}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B8BD0119-A318-474D-AD5F-EC9B5E83F762}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{B8E5CF4D-45B0-4A5A-A014-02E2FDFCA0C7}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{BBF3FA80-CD7B-4E99-8F1E-6E696C0CB581}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BC020E50-5F73-49F1-A307-C227B0DF8692}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{BC06513F-C79A-471C-AE8F-BA31F6D01DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BE3CFEFA-AAA8-478F-8B45-109435A86FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{BE4B0764-F9C3-4155-9F82-15DD34D014A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4785D76-6B2E-4B03-90A2-B7C1CAA854D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C47F513A-098C-4858-8BA6-D46F661290AF}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{C631359A-84F9-476A-9641-50292A88D837}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wolves\starwolves.exe |
"{C6F0DC4C-369E-47D2-A63E-E3BA9355C84A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C7A3D4C4-8B59-4F66-9ACB-F8B7537CECFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C8E5242B-A04A-49A2-8E02-B3EB57900D57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C9D4B024-4F47-48A8-B32F-EDC54DA89A1C}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{CBFE927C-47CE-4E27-ABBB-34F9DB2EDECB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{CC13D6B4-66B9-4408-8766-FA5CDDBEEC27}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{CD969D83-72C9-4E56-9093-59FA892DD3CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CE1C5DA5-9B59-4BB1-905E-419A87BAAA7D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the vikings limited public alpha\run_game.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE64C9D8-924D-4403-988C-A1032E65E1D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{CF2F1B9E-EC58-4EA0-98AE-2E9DBD7DF658}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{CFA96D69-144E-44E3-9B83-226B87006C72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D0446B48-0CF4-46C3-A778-24E7560F3666}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{D08B25FF-D0D6-412A-A37A-741D4F489FC4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{D08E3534-C143-4482-B20F-1B06A26EF848}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{D1F01EC6-2CD1-4DFF-8C44-DD866AAFB027}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2.exe |
"{D25992DF-C642-4573-BC6F-0EEE5F2B4052}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3975E2C-9317-478E-ABEC-4685A160F855}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{D478A8CC-F9C4-42DF-860D-08D26762E1D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\viking.exe |
"{D48A9E56-ABEA-420E-84C2-5AB4A37E7085}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{D4B5D83A-0D56-424E-8881-EF2C4AF47F07}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D4F5B36D-C3AB-4D17-B4BC-62B302B5C821}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{D54FF340-8F0C-40BA-9B5C-FC7D38073EC1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D6679489-946A-4E5A-86EC-981654729B8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{D724330C-02DE-45D8-B577-47492EFBC5F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D73810A5-B200-4141-85C7-155977406D04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{D79C5156-4CDB-4A8F-A7B1-F9EE05C1EF37}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D7AE679B-7878-4DBD-ACA8-E6B96898541A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{D8548EA5-E156-4B0F-B52A-701A4326E896}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9393C7C-4B37-420D-A830-B5C1E4B31259}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D9C21875-CFF1-4C95-A0C7-11F4F030D31F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{DB59E2F9-3127-4CBD-9BFA-C43EEC1EFAA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{DBB22619-08D2-45C9-901C-A71BAAF0E524}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{DE5C069D-6835-4BDC-8A5F-36871C09DD9A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DE94B3E4-A55C-4235-B0CE-4D0546A50926}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E07F6351-109C-4B40-A61A-0BF4B1DABD98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\take on mars\tkom_loader.exe |
"{E0FB7217-276E-4984-A65C-AC60E4EB058B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E14BD78F-D909-45ED-A387-C535AFC1F34D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E194CF64-2E24-48D3-9FE2-A29BCA098132}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{E1AC83E0-7576-4304-BD3F-81B07CA79E01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{E224AD47-8510-4FF0-A4DB-5767CF3EA909}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{E3D34FB0-CE6C-4ABC-8483-E92D29976223}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{E4287989-8B86-49CF-A33F-E4BD478867EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{E7934318-506E-426C-B491-80ECAFB534E1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8D23657-3812-45D7-927E-1867D1960FD4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{E918BADF-B11F-4FA4-9688-B075E50D03AA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9A13350-D6A0-4D95-B7A3-9C3D2E5F975B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EABC85C0-8114-46A7-9206-9237A5747AC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{EE624714-C1F6-4B90-BB52-7A7BC5340AEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFECBF62-6E35-4B48-AA40-23B9457BEA00}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F06F258A-F1C8-4590-BD35-C09E0988AEB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F1851AB4-78B8-42C4-B99A-F47CBA101DEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F40FB0F2-F4C9-4620-A9C7-D52C50F32528}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{F4CB389E-7E14-452E-A13E-B22859B3FA31}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{F61B892F-CA5E-4D26-850E-69A3C6A9C0C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F72A071D-B346-425C-BC9F-16EAE22F78E0}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{F72E7CB2-D612-473A-8EE3-551BE9BF3769}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F7672B53-612A-4812-8DAA-54A8A897205F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9326BF5-14B1-4D35-9492-76E1E25FB60A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{FA9DBADB-5AFB-4184-9A27-3FBC43A89BDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{FBE66121-32CE-4AF6-A34F-BC6C81C710E3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{FC3DFFAE-4034-4F04-A27F-2679711CB424}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{FCD14F79-4E19-4223-9390-785491F7FC85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{FDB5A143-909D-4837-AC9D-1B82230EBD38}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE451391-5E86-49DF-875A-05E461D73B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"TCP Query User{011E5A4B-28DE-4A1B-B89C-DC3577B033F1}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{015E2B08-4F7B-46F5-A37A-CDA39FC1DB15}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{06F92875-CC91-425F-97EE-AC58002B41A5}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{14761D2E-F041-404C-82DA-6AB8EE29E923}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{1BC209B6-7C77-4905-A5EB-ABBEF88BFC92}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{23BA76FB-6274-4C03-A509-5A79DBBDC667}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe |
"TCP Query User{7D91CC43-BC75-434C-8484-8E3CD480F947}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{8545547E-532E-4CD5-955D-256AEE621AA2}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{88EDF72E-5DE2-4A9A-8F82-DFB7E737F8FE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{9978A1A1-087B-44F0-85AB-DC1D0FE403F8}C:\program files (x86)\techland\call of juarez\coj.exe" = protocol=6 | dir=in | app=c:\program files (x86)\techland\call of juarez\coj.exe |
"TCP Query User{B55858E5-C308-401D-BE7F-58174CF9059F}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{D3FC8DFE-74D4-4B67-9EF4-37B4204CAC63}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{D7D22B46-FC0B-431A-B2FB-5A231C941466}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{DFF9B467-B002-4496-AFFD-9447000A88A7}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{E24E6B87-A4F2-4CFB-AC03-831B50048073}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F741ECC4-D679-4DE9-A5BE-D3145D2F742F}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{F8C01A70-5111-405F-8C2F-014F3C0CE727}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0CD0982C-B243-4BD1-BC40-EAF7AD6CF690}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0EA3CFF7-A931-460B-ACE8-28E87A435FF1}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{3C1A3CFE-C5A6-4DC2-B62C-EDBB9B3D169C}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{3EA52AB7-D501-4C83-A050-92FBCC25D191}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6489A25A-783D-4B1E-A091-C9AA4F05D21E}C:\program files (x86)\techland\call of juarez\coj.exe" = protocol=17 | dir=in | app=c:\program files (x86)\techland\call of juarez\coj.exe |
"UDP Query User{6EF06DBE-9C2A-481C-9D02-2034157E0247}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"UDP Query User{706724EE-8A69-41BF-A892-B433FEE08DA2}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe |
"UDP Query User{71BD9226-5B98-415C-B06D-D74DE8BCA2B9}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{77E1D513-8487-4E4F-9CAF-D2E6AE4D07D0}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{82E15EFE-17E9-4741-AA7C-594139B54102}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{86C10291-5C9B-4E48-B9ED-5590F16ADFC6}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"UDP Query User{93DF453B-CFB6-4A1F-941E-56EA6745D91F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AC9344E8-C165-4F7A-8098-D9F2C2B6195E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{DAFA240B-FB59-448F-9E3C-0FCBFE5502B6}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{DBDE76C8-B0F3-4F80-A67F-A724190705E9}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{E0E77EF9-ACAD-4D6A-9443-0EDED43E2964}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{E1EEAA67-3668-43BE-8051-5C4DFA8F19F1}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1" = IMPI 2.0.0.429
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977EBBDB-BA86-4975-803C-A7FDDF92A10C}" = AVG 2014
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{B42D82E8-FF97-48BB-91AA-86717B2B6B16}" = AVG 2014
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"AVG" = AVG 2014
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
"Defraggler" = Defraggler
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1" = gpedt.msc 1.0
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{57030680-6253-4281-A3F3-83B090BD932B}_is1" = Crashday
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Plants vs. Zombies™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Kingdoms of Amalur: Reckoning
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}" = Dead Space
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}" = PVZ Garden Warfare
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.12) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}" = Curse
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}" = Wing Commander III
"{FC9F924E-9472-45F1-980D-8267E47AA054}" = Poke
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Aliens: Colonial Marines_is1" = Aliens: Colonial Marines
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Farm Frenzy 3: American Pie" = Farm Frenzy 3: American Pie
"FarmingSimulator2013INT_is1" = Farming Simulator 2013
"Fraps" = Fraps (remove only)
"GamingMouseEditor" = Gaming Mouse Editor
"GOGPACKREUS_is1" = Reus
"Google Chrome" = Google Chrome
"InstallShield_{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"L.A.Noire_R.G. Mechanics_is1" = L.A.Noire
"Mafia II_is1" = Mafia II
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"O2CZ" = O2
"OpenAL" = OpenAL
"Opera 12.17.1863" = Opera 12.17
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1" = Call of Juarez Gunslinger (c) Ubisoft version 1
"QnJpZGdlIFByb2plY3Q=_is1" = Bridge Project version 1
"Raptr" = Raptr
"Revo Uninstaller" = Revo Uninstaller 1.95
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scribblenauts Unlimited_is1" = Scribblenauts Unlimited
"SevenZip" = SevenZip
"Sniper Elite V2_is1" = Sniper Elite V2
"SpeedFan" = SpeedFan (remove only)
"Steam App 104320" = Red Orchestra 2: Heroes of Stalingrad Beta
"Steam App 111800" = Blocks That Matter
"Steam App 12210" = Grand Theft Auto IV
"Steam App 206500" = AirMech
"Steam App 211160" = Viking: Battle for Asgard
"Steam App 218620" = PAYDAY 2
"Steam App 223750" = DCS World
"Steam App 224540" = Ace of Spades
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 227940" = Heroes & Generals
"Steam App 236390" = War Thunder
"Steam App 24240" = PAYDAY: The Heist
"Steam App 244030" = Take On Mars
"Steam App 301520" = Robocraft
"Steam App 304930" = Unturned
"Steam App 31280" = Poker Night at the Inventory
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 42160" = War of the Roses
"Steam App 440" = Team Fortress 2
"Steam App 46270" = Star Wolves
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Stronghold 3_is1" = Stronghold 3
"TheSkyX First Light for Windows_is1" = TheSkyX First Light Edition version 10.2.0 Build 6408
"VLC media player" = VLC media player
"Wings 3D 1.4.1" = Wings 3D 1.4.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.10.2014 0:57:36 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2014 9:26:47 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2014 14:39:16 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.10.2014 0:42:23 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.10.2014 15:47:03 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 0:53:16 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 1:24:20 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 1:33:14 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 30.5.2012 8:36:01 | Computer Name = admin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 64 seconds with 60 seconds of active time. This session ended with a crash.

Error - 30.5.2012 8:36:39 | Computer Name = admin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 31 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 18.10.2014 4:07:24 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:25 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:26 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:27 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:27 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:28 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:29 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:30 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:31 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:32 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.


< End of report >

Nepostupoval jste podle navodu. OTL bylo spusteno bez vyhledavaciho skriptu. Takhle neukazuje nektere dulezite veci. Zkuste to jeste jednou.

Mám problém, už po 2. mi to hodilo chybu Cannot create fili C:\Users\admin\Desktop\cmd.bat. a zasekne se to .

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

OTL logfile created on: 18.10.2014 17:36:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 3,96 Gb Available Physical Memory | 49,61% Memory free
15,97 Gb Paging File | 11,38 Gb Available in Paging File | 71,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 540,79 Gb Total Space | 46,92 Gb Free Space | 8,68% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 335,14 Gb Free Space | 85,80% Space Free | Partition Type: NTFS
Drive H: | 14,52 Gb Total Space | 14,52 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.18 13:05:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Downloads\OTL.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.17 04:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014.07.02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.06.29 18:29:57 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.08.17 11:23:07 | 003,333,120 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
PRC - [2010.04.22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe


========== Modules (No Company Name) ==========

MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2012.08.17 11:23:07 | 003,333,120 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe
MOD - [2011.08.10 13:43:19 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_Wheel4D.dll
MOD - [2011.05.20 16:52:09 | 000,901,632 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\ProfileHint\ProfileHint.dll
MOD - [2011.04.12 15:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2011.04.06 16:06:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_PenSuit.dll
MOD - [2011.03.21 19:33:17 | 000,999,424 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011.01.09 20:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.12.02 17:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\Data\5Mode_OEM\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.01 20:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.09.20 14:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 14:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\dll\DLL_ScrollbarControl.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.17 04:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.08.25 14:15:43 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014.09.24 17:47:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.23 06:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.09.04 14:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.25 11:41:34 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.08.22 15:04:06 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014.07.02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.06.29 18:29:57 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.09.17 04:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.09.04 21:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014.07.21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014.06.30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014.06.17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014.06.17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014.06.17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014.06.17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014.06.17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014.03.21 07:47:46 | 000,049,952 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014.01.22 19:34:03 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.01.22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.11.28 15:42:09 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.11.28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.26 10:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.16 16:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.15 14:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 14:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 14:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.10.05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2014.09.24 19:04:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.12.21 15:05:18 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{56BDA143-45F6-1B1F-30C0-5B302351896D}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2537}: "URL" = http://www.default-search.net/search?si ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{18E128BE-23DF-43AA-B7E8-39B281D3B273}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{19BB1D2D-3D1A-45CE-B9C9-0B02CB4BBE79}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{33D8DCAE-DB5A-48BB-A4CB-56CC355BBC7C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{3999A50A-EE8B-40C5-9FAC-87BEA3F78A60}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{56BDA143-45F6-1B1F-30C0-5B302351896D}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{676DE352-54FE-4439-8EBC-2F74DBD03EB7}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{71C1095D-B2A0-4549-AC26-D1004A7A8FE5}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{91D73228-6611-417c-83E2-D232220544CE}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{A7C4C61A-AAD9-4BC2-967A-296E63C840E7}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{B1D5E8A3-91DE-42D9-9AAD-731FA75B4EF9}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\{E75ECBAC-DB98-4013-BC29-50DDCDB9F41B}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_13415
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\..\SearchScopes\624342E2D3A94BE5A47DB9E254A55144: "URL" = http://isearch.avg.com/search?cid={EA0E ... 2012-01-20 07:35:03&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.3.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnG=Google+Search&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.0: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.27 08:45:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.09.17 13:32:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2012.01.30 19:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2014.10.15 19:57:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\j1u9vxj8.default\extensions
[2014.05.24 20:10:30 | 000,007,911 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\j1u9vxj8.default\searchplugins\Google.xml
[2014.06.20 07:06:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.07.02 09:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.09.14 20:21:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J1U9VXJ8.DEFAULT\EXTENSIONS\EXTENSION@LINKEYPROJECT.COM
File not found (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J1U9VXJ8.DEFAULT\EXTENSIONS\FASTSTARTFF@GMAIL.COM
[2011.12.21 09:39:32 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 08:21:58 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2011.12.21 08:21:58 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.21 08:21:58 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.21 08:21:58 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.21 08:21:58 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg\1.0.3.1_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.20_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.10.3_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo\1.4_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.10.18 07:23:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000..\Run: [GamingMouseEditor] C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe ()
O4 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk = C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.195.165.131 217.195.160.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46FE2406-099A-47C5-806C-DF48FFD23A86}: DhcpNameServer = 217.195.165.131 217.195.160.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE6F42A-B4B7-4384-AA57-125CFCBBCF42}: DhcpNameServer = 217.195.165.131 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.18 13:05:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.10.18 10:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.18 10:38:52 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.18 07:29:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.10.18 07:24:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.10.17 21:33:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.10.17 21:33:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.10.17 21:33:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.10.17 21:33:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.10.17 21:33:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.10.17 21:27:08 | 005,583,559 | R--- | C] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2014.10.16 06:52:53 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Temp
[2014.10.15 19:54:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.10.15 07:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014.10.15 06:36:53 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.10.15 06:36:53 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.10.15 06:36:53 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014.10.15 06:36:53 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014.10.15 06:36:53 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014.10.15 06:36:53 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014.10.15 06:36:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014.10.15 06:36:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014.10.15 06:36:26 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2014.10.15 06:36:26 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2014.10.15 06:36:26 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2014.10.15 06:36:26 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2014.10.15 06:36:24 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.10.15 06:36:22 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.10.15 06:36:21 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2014.10.15 06:36:21 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2014.10.15 06:36:20 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.10.15 06:36:18 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.10.15 06:36:17 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2014.10.15 06:36:16 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.10.15 06:36:15 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014.10.15 06:36:15 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.10.15 06:36:15 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2014.10.15 06:36:14 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014.10.15 06:36:13 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014.10.15 06:36:13 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.10.15 06:36:12 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014.10.15 06:36:12 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014.10.15 06:36:11 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.10.15 06:36:11 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014.10.15 06:36:11 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014.10.15 06:36:10 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.10.15 06:36:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2014.10.15 06:36:08 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.10.15 06:36:07 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014.10.15 06:36:06 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.10.15 06:36:05 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.10.15 06:36:05 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014.10.15 06:36:05 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2014.10.15 06:36:05 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2014.10.15 06:36:05 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.10.15 06:36:05 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2014.10.15 06:36:05 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2014.10.15 06:36:05 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2014.10.15 06:36:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2014.10.15 06:36:01 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2014.10.15 06:36:01 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2014.10.15 06:36:01 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2014.10.15 06:36:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014.10.15 06:36:01 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2014.10.15 06:36:01 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014.10.15 06:36:01 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2014.10.15 06:36:01 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014.10.15 06:36:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014.10.15 06:36:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.10.15 06:36:00 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2014.10.15 06:36:00 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014.10.15 06:36:00 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2014.10.15 06:36:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2014.10.15 06:36:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014.10.15 06:36:00 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014.10.15 06:36:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014.10.15 06:36:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2014.10.15 06:35:59 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.10.15 06:35:59 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.10.15 06:35:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2014.10.15 06:35:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2014.10.15 06:35:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2014.10.15 06:35:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2014.10.15 06:35:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2014.10.15 06:35:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2014.10.15 06:35:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014.10.15 06:35:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014.10.15 06:35:47 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.15 06:35:47 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.15 06:35:47 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.15 06:35:43 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.10.15 06:35:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.10.15 06:35:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.10.15 06:35:43 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.10.15 06:35:42 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.10.15 06:35:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.15 06:35:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.15 06:35:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.10.15 06:35:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.10.15 06:35:41 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.10.15 06:35:41 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.10.15 06:35:41 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.10.15 06:35:41 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.10.15 06:35:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.10.15 06:35:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.10.15 06:35:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.10.15 06:35:40 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.10.15 06:35:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.10.15 06:35:39 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.10.15 06:35:39 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.10.15 06:35:39 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.10.15 06:35:39 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.10.15 06:35:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.10.15 06:35:39 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.10.15 06:35:38 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.10.15 06:35:38 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.10.15 06:35:38 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.10.15 06:35:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.10.15 06:35:37 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.10.15 06:35:37 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.10.15 06:35:36 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.10.15 06:35:36 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.10.15 06:35:36 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.10.15 06:35:36 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.10.15 06:35:35 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.10.15 06:35:14 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.10.15 06:34:45 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.10.15 06:34:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014.10.15 06:34:32 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014.10.15 06:34:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.10.15 06:34:21 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014.10.15 06:34:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014.10.15 06:34:03 | 006,584,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.10.15 06:34:03 | 005,703,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.10.15 06:34:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.10.15 06:34:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.10.12 20:29:55 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Carbon
[2014.10.08 06:29:51 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\KSP_win
[2014.10.07 14:00:59 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\ksp-win64-0-24-2
[2014.10.04 17:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.10.01 06:22:08 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.10.01 06:22:08 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.25 13:37:59 | 000,038,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.09.25 13:37:59 | 000,032,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.09.23 23:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.09.23 23:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.10.18 17:37:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.18 16:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.18 13:05:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2014.10.18 10:35:10 | 001,222,144 | ---- | M] () -- C:\Users\admin\Desktop\RSITx64.exe
[2014.10.18 10:10:16 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.18 10:10:16 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.18 10:10:16 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.18 10:10:16 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.18 10:10:16 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.18 07:40:32 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.18 07:40:32 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.18 07:31:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.18 07:31:41 | 2134,253,567 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.18 07:23:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.10.17 21:25:02 | 005,583,559 | R--- | M] (Swearware) -- C:\Users\admin\Desktop\ComboFix.exe
[2014.10.17 18:05:23 | 000,090,340 | ---- | M] () -- C:\Users\admin\Desktop\10603669_832087876850161_5065591257805604012_n.jpg
[2014.10.16 06:38:21 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014.10.15 13:26:24 | 005,044,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.10.10 04:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.10 04:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.10 04:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.08 15:07:18 | 001,128,793 | ---- | M] () -- C:\Users\admin\Desktop\Krevní obraz - David Jonáš 001.jpg
[2014.10.08 14:19:41 | 000,896,382 | ---- | M] () -- C:\Users\admin\Desktop\Oční vyšetření - David Jonáš.jpg
[2014.10.04 15:58:54 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014.10.04 15:58:54 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.10.04 15:58:31 | 000,270,240 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.09.26 00:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.09.26 00:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.09.26 00:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.09.25 04:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.25 03:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.09.24 19:04:29 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014.09.24 17:47:11 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.09.24 17:47:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.09.19 03:55:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.09.19 03:40:43 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.09.19 03:40:03 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.09.19 03:39:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.09.19 03:38:27 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.09.19 03:36:57 | 005,829,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.09.19 03:30:58 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.09.19 03:27:09 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.09.19 03:26:00 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.09.19 03:25:09 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.09.19 03:18:02 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.09.19 03:14:28 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.09.19 03:06:47 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.09.19 03:01:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.09.19 03:01:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.09.19 03:01:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.09.19 03:00:45 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.09.19 02:59:40 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.09.19 02:58:03 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.09.19 02:53:52 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.09.19 02:51:24 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.09.19 02:50:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.09.19 02:49:31 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.09.19 02:42:57 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.09.19 02:42:56 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.09.19 02:40:12 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.09.19 02:36:23 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.09.19 02:32:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.09.19 02:18:55 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.09.19 01:59:26 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.09.19 01:52:24 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.10.18 13:09:51 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.18 10:38:39 | 001,222,144 | ---- | C] () -- C:\Users\admin\Desktop\RSITx64.exe
[2014.10.17 21:33:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.10.17 21:33:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.10.17 21:33:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.10.17 21:33:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.10.17 21:33:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.10.17 18:05:23 | 000,090,340 | ---- | C] () -- C:\Users\admin\Desktop\10603669_832087876850161_5065591257805604012_n.jpg
[2014.10.16 06:52:54 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014.10.08 15:06:30 | 001,128,793 | ---- | C] () -- C:\Users\admin\Desktop\Krevní obraz - David Jonáš 001.jpg
[2014.10.08 14:18:56 | 000,896,382 | ---- | C] () -- C:\Users\admin\Desktop\Oční vyšetření - David Jonáš.jpg
[2014.05.04 16:07:49 | 000,000,049 | ---- | C] () -- C:\Users\admin\AppData\Roaming\install.imp
[2014.02.20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2014.01.21 20:09:01 | 000,007,619 | ---- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2013.12.31 20:39:52 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.11.27 17:10:31 | 000,000,536 | ---- | C] () -- C:\Windows\eReg.dat
[2013.10.16 15:44:54 | 000,707,354 | ---- | C] () -- C:\Windows\unins000.exe
[2013.10.16 15:44:54 | 000,001,531 | ---- | C] () -- C:\Windows\unins000.dat
[2013.09.15 12:06:35 | 000,000,134 | ---- | C] () -- C:\Users\admin\AppData\Roaming\WB.CFG
[2013.08.05 08:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2013.08.05 08:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.10.17 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.minecraft
[2014.09.24 06:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.mono
[2014.08.28 20:15:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.technic
[2013.03.10 17:49:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.techniclauncher
[2013.08.12 12:10:00 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\3909
[2014.04.25 13:55:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG
[2014.08.28 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG2014
[2013.12.20 14:21:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Awesomium
[2014.04.16 10:20:41 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BANDISOFT
[2014.01.22 14:05:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Blockscape
[2014.10.12 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Carbon
[2014.08.28 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse
[2014.10.18 17:27:08 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse Client
[2014.09.12 14:21:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2014.01.19 15:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Double Fine
[2014.01.22 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2014.01.29 20:15:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Facepunch
[2013.08.25 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Fatshark
[2012.03.17 20:13:01 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Firefly Studios
[2012.04.04 15:14:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\flightgear.org
[2012.04.04 15:14:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\fltk.org
[2014.09.08 11:44:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HeroesAndGeneralsDesktop
[2014.05.13 10:13:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Java Map
[2013.12.16 08:29:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Kalypso Media
[2013.04.01 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\L.A.Noire
[2011.12.25 10:30:24 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2014.08.28 21:44:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\library_dir
[2013.08.29 21:14:44 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Little Inferno
[2013.03.12 19:47:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\LolClient
[2013.05.15 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Mount&Blade Warband
[2014.02.28 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\mPVR58rQ
[2012.07.29 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Need for Speed World
[2013.12.01 18:03:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\No Company Name
[2011.12.27 08:45:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opera
[2013.12.29 17:02:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Origin
[2014.10.18 15:33:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Raptr
[2014.01.22 19:32:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Seznam.cz
[2012.04.23 13:27:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SFBot
[2014.02.21 08:28:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Software Bisque
[2014.07.12 19:01:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SpaceEngineers
[2014.09.25 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SPORE
[2013.12.02 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.12.25 10:09:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Telefónica Móviles
[2013.11.28 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\The Creative Assembly
[2014.10.15 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TS3Client
[2012.01.20 14:46:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2013.02.03 18:08:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Unity
[2014.10.16 20:36:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2013.10.16 19:07:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\VitySoft
[2013.02.24 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wargaming.net
[2012.09.30 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wings3D
[2013.02.04 15:15:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.04 15:15:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,562 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.12 07:00:02 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.10.17 13:29:15 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.minecraft
[2014.09.24 06:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.mono
[2014.08.28 20:15:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.technic
[2013.03.10 17:49:03 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\.techniclauncher
[2013.08.12 12:10:00 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\3909
[2013.12.02 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Adobe
[2014.04.25 13:55:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG
[2014.08.28 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG2014
[2013.12.20 14:21:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Awesomium
[2014.04.16 10:20:41 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\BANDISOFT
[2014.01.22 14:05:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Blockscape
[2014.10.12 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Carbon
[2014.08.28 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse
[2014.10.18 17:27:08 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Curse Client
[2014.09.12 14:21:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2014.01.08 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DivX
[2014.01.19 15:26:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Double Fine
[2014.01.22 13:07:11 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2014.01.29 20:15:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Facepunch
[2013.08.25 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Fatshark
[2012.03.17 20:13:01 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Firefly Studios
[2012.04.04 15:14:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\flightgear.org
[2012.04.04 15:14:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\fltk.org
[2014.09.08 11:44:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\HeroesAndGeneralsDesktop
[2011.12.21 14:51:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Identities
[2011.12.21 14:56:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\InstallShield
[2014.05.13 10:13:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Java Map
[2013.12.16 08:29:30 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Kalypso Media
[2013.04.01 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\L.A.Noire
[2011.12.25 10:30:24 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Leadertech
[2014.08.28 21:44:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\library_dir
[2013.08.29 21:14:44 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Little Inferno
[2013.03.12 19:47:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\LolClient
[2011.12.26 15:14:08 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Macromedia
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Media Center Programs
[2013.11.26 20:32:10 | 000,000,000 | --SD | M] -- C:\Users\admin\AppData\Roaming\Microsoft
[2013.05.15 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Mount&Blade Warband
[2012.01.30 19:52:39 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Mozilla
[2014.02.28 15:33:06 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\mPVR58rQ
[2012.07.29 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Need for Speed World
[2013.12.01 18:03:20 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\No Company Name
[2011.12.27 12:32:53 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\NVIDIA
[2011.12.27 08:45:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Opera
[2013.12.29 17:02:49 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Origin
[2014.10.18 15:33:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Raptr
[2011.12.27 12:24:27 | 000,000,000 | R--D | M] -- C:\Users\admin\AppData\Roaming\SecuROM
[2014.01.22 19:32:57 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Seznam.cz
[2012.04.23 13:27:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SFBot
[2014.10.18 17:29:48 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Skype
[2014.02.21 08:28:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Software Bisque
[2014.07.12 19:01:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SpaceEngineers
[2014.09.25 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SPORE
[2013.12.02 17:30:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.01.26 17:39:14 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.25 10:09:47 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Telefónica Móviles
[2013.11.28 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\The Creative Assembly
[2014.10.15 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TS3Client
[2012.01.20 14:46:45 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2013.02.03 18:08:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Unity
[2014.10.16 20:36:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2013.10.16 19:07:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\VitySoft
[2014.10.16 20:35:38 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\vlc
[2013.02.24 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wargaming.net
[2012.09.30 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Wings3D
[2011.12.25 16:48:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.06.13 14:37:24 | 010,177,648 | ---- | M] (Coherent Labs) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\CoherentUI_Host.exe
[2014.10.17 21:49:12 | 006,048,520 | ---- | M] (Curse, Inc) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.exe
[2014.10.17 21:49:15 | 000,008,192 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\Curse.OverlayHelper.exe
[2014.10.15 06:18:35 | 000,731,896 | ---- | M] (Curse) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\CurseClientUpdater.exe
[2014.06.13 14:37:24 | 000,606,816 | ---- | M] (Curse, Inc.) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\CurseSetupHelper.exe
[2014.06.13 14:37:24 | 000,292,184 | ---- | M] (Microsoft Corporation) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\dxwebsetup.exe
[2014.08.30 09:43:01 | 000,008,192 | ---- | M] (easyhook.codeplex.com) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\EasyHook32Svc.exe
[2014.08.30 09:43:01 | 000,008,192 | ---- | M] (easyhook.codeplex.com) -- C:\Users\admin\AppData\Roaming\Curse Client\Bin\EasyHook64Svc.exe
[2013.04.01 19:17:48 | 001,009,505 | ---- | M] () -- C:\Users\admin\AppData\Roaming\L.A.Noire\Uninstall\unins000.exe
[2014.08.28 21:58:37 | 000,295,646 | R--- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}\CurseClient.exe
[2013.05.12 13:06:34 | 000,010,134 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.09.26 06:57:20 | 000,355,574 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{FC9F924E-9472-45F1-980D-8267E47AA054}\_3F5DC384232CA37DC0520A.exe
[2013.09.26 06:57:20 | 000,355,574 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Microsoft\Installer\{FC9F924E-9472-45F1-980D-8267E47AA054}\_6FEFF9B68218417F98F549.exe
[2014.10.16 06:23:34 | 049,628,992 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Raptr\raptr-4.1.1-r88229-release.exe
[2014.10.18 06:53:51 | 049,620,672 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Raptr\raptr-4.1.2-r88325-release.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2014.05.23 16:14:27 | 001,270,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
[2014.05.23 16:13:06 | 001,270,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\admin\AppData\Roaming\uTorrent\updates\3.4.1_31227.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014.09.26 00:43:38 | 011,807,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.11.26 08:34:20 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job >
[2014.10.18 17:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014.09.26 00:43:38 | 011,807,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2013.11.26 08:34:20 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2014.02.05 19:41:19 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2002.05.30 18:16:22 | 000,013,160 | ---- | M] () -- \Program Files (x86)\Firefly Studios\Stronghold Crusader\gm\cracks.gm1
[2014.09.08 11:41:23 | 000,072,202 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\Environments\Pictures\Architecture\Decals\AirStripConcreteCracks1A_diffuse.crn
[2014.09.08 11:41:55 | 000,190,528 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\Environments\Pictures\Architecture\Walls\CrackedPaintBurned1A_diffuse.crn
[2014.09.08 11:41:27 | 000,460,562 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\Environments\Pictures\Architecture\Walls\CrackedPaintBurned1A_normal.crn
[2014.09.08 11:41:36 | 000,203,189 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\Environments\Pictures\Architecture\Walls\CrackedPaintWhite1A_diffuse.crn
[2014.09.08 11:41:55 | 000,457,066 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\Environments\Pictures\Architecture\Walls\CrackedPaintWhite1A_normal.crn
[2014.07.12 00:34:57 | 000,000,123 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\tf\download\materials\sprites\trails\crackedbeam.vmt
[2014.07.12 00:34:57 | 000,022,080 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\tf\download\materials\sprites\trails\crackedbeam.vtf
[2013.12.01 17:37:24 | 000,005,672 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\12.0\Photo Creations Thumbnails\backgrounds\Cracked Paint.jpg
[2013.12.01 17:37:24 | 000,000,994 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\12.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
[2014.04.18 11:02:44 | 005,917,543 | ---- | M] () -- \Users\admin\AppData\Roaming\.minecraft\server-resource-packs\playmindcrack_Lobbyzip
[2014.09.07 11:56:13 | 000,029,916 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\The SIMS 4-Deluxe Edition-SKIDROWCRACK.torrent
[2014.05.25 07:03:03 | 000,050,094 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Watch Dogs Deluxe Edition FULL CRACKED-SG.torrent
[2014.05.23 16:18:02 | 000,050,388 | ---- | M] () -- \Users\admin\AppData\Roaming\uTorrent\Watch_Dogs-Digital.Deluxe-SKIDROWCRACK.torrent
[2013.10.16 19:07:57 | 000,005,369 | ---- | M] () -- \Users\admin\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2014.05.07 17:59:33 | 000,015,732 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrack.cfx
[2014.05.07 17:59:34 | 000,015,752 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
[2014.05.07 17:59:34 | 000,016,140 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
[2014.05.07 17:59:35 | 000,016,636 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
[2014.05.07 17:59:35 | 000,015,448 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
[2014.05.07 17:59:35 | 000,016,264 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
[2014.05.07 17:59:33 | 000,016,120 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncracklightmap.cfx
[2014.05.07 17:59:34 | 000,016,616 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
[2014.05.07 17:59:34 | 000,015,396 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
[2014.05.07 17:59:34 | 000,016,268 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetailcrackndetailncrackshadow.cfx
[2014.05.07 17:59:33 | 000,015,952 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrack.cfx
[2014.05.07 17:59:34 | 000,015,972 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
[2014.05.07 17:59:34 | 000,016,360 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
[2014.05.07 17:59:35 | 000,016,856 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
[2014.05.07 17:59:35 | 000,015,668 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
[2014.05.07 17:59:35 | 000,016,484 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
[2014.05.07 17:59:33 | 000,016,340 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
[2014.05.07 17:59:34 | 000,016,836 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
[2014.05.07 17:59:34 | 000,015,616 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
[2014.05.07 17:59:34 | 000,016,488 | ---- | M] () -- \Users\admin\Documents\Battlefield Play4Free\mods\main\cache\{D7B71E3E-5140-11CF-307E-B2A31CC2C435}_254171_4\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
[2013.12.01 17:37:24 | 000,005,672 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\12.0\Photo Creations Thumbnails\backgrounds\Cracked Paint.jpg
[2013.12.01 17:37:24 | 000,000,994 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\12.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.09.08 13:11:10 | 000,003,208 | ---- | M] () -- \FRST\Quarantine\C\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\skin\ajax-loader.gif
[2013.02.17 17:20:49 | 000,002,728 | ---- | M] () -- \Games (x86)\Aliens Colonial Marines\PecanGame\Localization\INT\DEFCHA_PowerLoader.int
[2013.01.09 19:20:26 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.02.05 19:41:19 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 19:41:19 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 19:41:19 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 19:41:19 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 19:41:19 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.02.05 19:41:19 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.04.09 18:57:05 | 000,006,582 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.02.05 19:41:19 | 000,003,649 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.02.05 19:41:19 | 000,006,995 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 19:41:19 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2010.08.24 10:53:04 | 000,071,008 | ---- | M] () -- \Program Files (x86)\2K Games\Mafia II\pc\PhysXLoader.dll
[2009.09.02 03:46:16 | 000,008,448 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\wil_shopd_speedloaderp.img.xbx
[2009.09.02 03:46:16 | 000,008,448 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\wil_shopd_speedloaderp2.img.xbx
[2009.09.02 03:46:16 | 000,008,448 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\wil_shopd_speedloaders.img.xbx
[2009.09.02 03:46:16 | 000,008,448 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\wil_shope_speedloaderr.img.xbx
[2009.09.02 03:46:16 | 000,002,304 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\small_upgrades\wil_shopd_speedloaderp2_sm.img.xbx
[2009.09.02 03:46:16 | 000,002,304 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\small_upgrades\wil_shopd_speedloaderp_sm.img.xbx
[2009.09.02 03:46:16 | 000,002,304 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\small_upgrades\wil_shopd_speedloaders_sm.img.xbx
[2009.09.02 03:46:16 | 000,002,304 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\images\store\inventory\small_upgrades\wil_shope_speedloaderr_sm.img.xbx
[2012.03.13 13:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 11:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 11:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.02.12 01:15:14 | 000,058,880 | ---- | M] () -- \Program Files (x86)\Aliens Colonial Marines\Binaries\Win32\PhysXLoader.dll
[2013.02.17 17:20:49 | 000,002,728 | ---- | M] () -- \Program Files (x86)\Aliens Colonial Marines\PecanGame\Localization\INT\DEFCHA_PowerLoader.int
[2012.02.23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012.02.02 20:22:58 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.03.16 12:43:12 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\PhysXLoader.dll
[2012.06.19 18:12:02 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderBalefork.dds
[2012.06.19 18:12:02 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderPalletfork.dds
[2012.06.19 18:12:02 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderShovel.dds
[2012.06.29 12:45:50 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderSilageFork.dds
[2012.08.28 17:43:02 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\store_wheelloader.dds
[2012.10.12 11:59:48 | 003,168,958 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.i3d
[2012.10.05 14:00:52 | 000,008,582 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.xml
[2010.10.01 14:08:06 | 000,696,448 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_diffuse.dds
[2010.09.28 09:29:56 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_normal.dds
[2010.09.28 15:05:12 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_specular.dds
[2012.09.17 06:18:20 | 000,088,703 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.i3d
[2012.10.05 14:00:52 | 000,000,854 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.xml
[2012.09.17 06:18:20 | 000,105,847 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.i3d
[2012.10.05 14:00:52 | 000,000,857 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.xml
[2012.09.11 21:13:26 | 000,094,161 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderShovel.i3d
[2012.10.09 09:22:20 | 000,003,040 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderShovel.xml
[2012.10.10 16:22:24 | 000,262,878 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.i3d
[2012.10.10 15:12:02 | 000,002,966 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.xml
[2012.10.09 14:47:26 | 002,654,362 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader.i3d
[2012.10.09 14:47:26 | 000,010,051 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader.xml
[2012.09.02 14:57:46 | 000,134,236 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderIdle.wav
[2012.09.02 14:57:46 | 000,080,314 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderStart.wav
[2012.09.16 16:48:02 | 000,059,542 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderStop.wav
[2012.08.27 19:23:24 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_diffuse.dds
[2012.08.27 19:23:24 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_normal.dds
[2012.08.27 19:23:24 | 000,043,832 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_specular.dds
[2012.08.27 19:23:24 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_diffuse.dds
[2012.08.27 19:23:24 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_normal.dds
[2012.09.02 14:57:46 | 000,188,618 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_run.wav
[2012.08.27 19:23:24 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_specular.dds
[2013.02.01 01:16:50 | 000,065,344 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2014.09.17 04:14:17 | 001,169,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 09:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.04 23:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2010.11.23 00:57:34 | 000,009,216 | ---- | M] () -- \Program Files (x86)\Raptr\_win32sysloader.pyd
[7 \Program Files (x86)\Raptr\*.tmp files -> \Program Files (x86)\Raptr\*.tmp -> ]
[2011.10.08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2011.10.08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2011.10.08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2011.10.08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2013.10.23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2013.08.08 13:21:52 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\aceofspades\_win32sysloader.pyd
[2014.09.17 14:04:06 | 000,006,107 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\loader\DialogLoader.lua
[2014.09.17 14:05:11 | 000,001,992 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\MissionEditor\data\MissionGenerator\GeneratorData\db_loader.lua
[2014.09.17 14:05:12 | 000,006,905 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\MissionEditor\modules\loaderMaps.lua
[2014.09.17 13:59:04 | 000,000,831 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Scripts\AI\Task_Data_Loader.lua
[2014.09.17 13:59:05 | 000,001,011 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Scripts\Database\vehicles\SAM\9T217 OSA Loader.lua
[2014.09.17 13:59:05 | 000,006,278 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Scripts\Input\Loader.lua
[2014.09.08 11:43:57 | 000,056,336 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\_packed\_Out\Flash\Ingame_Hud\LoaderImage.swf
[2013.08.24 20:45:40 | 000,070,944 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\PhysXLoader.dll
[2014.04.20 16:28:24 | 000,063,256 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2014.08.25 15:32:24 | 000,063,256 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\RedOrchestra2Beta\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2014.09.11 07:35:47 | 008,457,376 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Take On Mars\TKOM_loader.exe
[2014.06.20 18:33:44 | 000,285,478 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Take On Mars\icons\TKOM_loader.ico
[2014.06.18 17:25:03 | 000,018,208 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\War of the Roses\loader.exe
[2007.06.25 19:18:18 | 000,071,208 | ---- | M] () -- \Program Files (x86)\UBISOFT\Ghost Recon Advanced Warfighter 2\physxloader.dll
[2011.02.05 10:15:26 | 000,007,025 | ---- | M] () -- \Program Files (x86)\wings3d_1.4.1\lib\kernel-2.14.2\ebin\hipe_unified_loader.beam
[2009.06.02 02:16:58 | 000,114,688 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.03.13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.12.10 04:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{5DCA1069-D6D9-42E3-9DA6-21A0D684D371}\ExtensionLoader.dll
[2014.04.28 14:36:08 | 000,001,737 | ---- | M] () -- \Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg\1.0.3.1_0\pages\skin\img\ajax-loader.gif
[2014.10.14 22:44:10 | 000,003,208 | ---- | M] () -- \Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\skin\ajax-loader.gif
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.10.3_0\img\gifloader.gif
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\admin\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2013.11.08 08:08:28 | 000,178,737 | ---- | M] () -- \Users\admin\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2013.11.08 07:46:55 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2013.11.07 20:22:54 | 000,196,610 | ---- | M] () -- \Users\admin\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2013.11.07 08:27:52 | 000,166,828 | ---- | M] () -- \Users\admin\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2013.08.06 18:43:52 | 000,781,324 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\hexxit\ForgeModLoader-client-0.log
[2013.08.06 18:20:02 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\hexxit\ForgeModLoader-client-0.log.lck
[2013.08.06 10:40:06 | 000,826,356 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\hexxit\ForgeModLoader-client-1.log
[2013.08.06 20:02:40 | 000,218,015 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-0.log
[2013.08.06 19:37:48 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-0.log.lck
[2013.03.20 17:07:21 | 000,176,351 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\lapitos-galacticraft\ForgeModLoader-client-1.log
[2014.03.23 12:26:56 | 000,000,068 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\attack-of-the-bteam\config\TConPreloader.cfg
[2014.03.23 14:58:25 | 000,012,321 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\lapitos-galacticraft\ForgeModLoader-client-0.log
[2014.03.23 14:58:25 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\lapitos-galacticraft\ForgeModLoader-client-0.log.lck
[2014.03.23 14:41:24 | 000,012,321 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\lapitos-galacticraft\ForgeModLoader-client-1.log
[2014.10.07 09:46:21 | 000,047,978 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\official-crafting-dead-mod\ForgeModLoader-client-0.log
[2014.10.07 09:41:40 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\official-crafting-dead-mod\ForgeModLoader-client-0.log.lck
[2014.10.06 13:50:22 | 000,070,251 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\official-crafting-dead-mod\ForgeModLoader-client-1.log
[2014.10.05 19:18:09 | 000,101,223 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\official-crafting-dead-mod\ForgeModLoader-client-2.log
[2014.06.15 14:21:50 | 000,063,407 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkit\ForgeModLoader-0.log
[2014.06.15 14:19:49 | 000,001,980 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2014.06.15 14:17:49 | 000,485,914 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkitlite\ForgeModLoader-client-0.log
[2014.06.15 13:41:40 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkitlite\ForgeModLoader-client-0.log.lck
[2014.06.15 12:22:34 | 000,666,096 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkitlite\ForgeModLoader-client-1.log
[2014.06.14 13:58:38 | 000,483,749 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\modpacks\tekkitlite\ForgeModLoader-client-2.log
[2013.09.24 16:28:20 | 000,065,047 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\official-crafting-dead-mod\ForgeModLoader-client-0.log
[2013.09.24 16:06:27 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\official-crafting-dead-mod\ForgeModLoader-client-0.log.lck
[2013.09.22 18:36:42 | 000,035,665 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\official-crafting-dead-mod\ForgeModLoader-client-1.log
[2013.08.31 17:24:20 | 000,194,657 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\official-crafting-dead-mod\ForgeModLoader-client-2.log
[2013.08.06 11:45:05 | 000,478,759 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-0.log
[2013.08.06 10:40:32 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-0.log.lck
[2013.08.05 14:19:05 | 000,375,425 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\tekkitlite\ForgeModLoader-client-1.log
[2013.08.05 12:42:31 | 000,419,181 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log
[2013.08.05 12:36:45 | 000,000,000 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\tekkitmain\ForgeModLoader-client-0.log.lck
[2013.03.20 17:14:43 | 000,142,502 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\voltz\ForgeModLoader-client-0.log
[2013.03.20 17:11:12 | 000,004,518 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\voltz\ForgeModLoader-client-1.log
[2013.08.14 15:29:35 | 000,025,482 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\yogbox\ModLoader.txt
[2013.08.14 15:29:28 | 000,000,833 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\yogbox\config\ModLoader.cfg
[2013.08.14 15:29:22 | 000,000,047 | ---- | M] () -- \Users\admin\AppData\Roaming\.technic\yogbox\config\mod_ModLoaderMp.cfg
[2012.05.31 18:58:17 | 000,026,636 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\technicssp\ModLoader.txt
[2013.03.10 17:21:00 | 000,001,349 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\technicssp\config\ModLoader.cfg
[2012.04.09 16:48:20 | 000,000,047 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\technicssp\config\mod_MAtmos_forModLoader.cfg
[2012.05.31 18:57:49 | 000,000,047 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\technicssp\config\mod_ModLoaderMp.cfg
[2012.05.24 16:48:34 | 000,001,980 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\technicssp\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013.03.10 18:52:27 | 000,063,143 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkit\ForgeModLoader-0.log
[2013.01.27 18:46:20 | 000,063,520 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkit\ForgeModLoader-1.log
[2013.01.27 16:01:10 | 000,062,691 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkit\ForgeModLoader-2.log
[2012.08.06 20:51:02 | 000,023,355 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkit\ModLoader.txt
[2012.04.23 20:31:42 | 000,001,980 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkit\mods\ComputerCraft\org\luaj\vm2\luajc\JavaLoader.class
[2013.01.14 18:48:50 | 000,384,025 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\tekkitlite\ForgeModLoader-client-0.log
[2013.01.02 22:28:08 | 000,168,285 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\voltz\ForgeModLoader-client-0.log
[2012.04.19 14:31:25 | 000,005,155 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\voxelmodpack\ModLoader.txt
[2012.04.19 14:31:20 | 000,000,271 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\voxelmodpack\config\ModLoader.cfg
[2013.01.04 10:57:18 | 000,025,194 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\yogbox\ModLoader.txt
[2013.01.04 10:39:42 | 000,000,832 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\yogbox\config\ModLoader.cfg
[2013.01.04 10:39:40 | 000,000,046 | ---- | M] () -- \Users\admin\AppData\Roaming\.techniclauncher\yogbox\config\mod_ModLoaderMp.cfg
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\admin\AppData\Roaming\Seznam.cz\bin\15304libfoxloader-x64.dll
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\admin\AppData\Roaming\Seznam.cz\bin\15304libfoxloader.dll
[2013.07.29 15:10:38 | 000,000,165 | ---- | M] () -- \Users\admin\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\admin\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\admin\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2012.02.02 19:34:44 | 002,067,706 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
[2011.12.22 12:00:16 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.10.18 16:49:31 | 000,033,666 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2014.07.08 23:51:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_2e996e2009f56895.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_2bc5035c0bcbbd2f.manifest
[2014.07.08 23:51:25 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_d45b30eefae125bd.manifest
[2014.07.08 23:52:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_d4b5d954faa9c8f4.manifest
[2014.07.08 23:51:37 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_d4813638fad0ba99.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_739c3ae5efeaacc3.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_7738ac37eda2d0fb.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_bea92c7fd202a017.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6160a27ec4d4b679.manifest
[2014.07.08 23:51:51 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_0386218bb7efc854.manifest
[2014.07.08 23:51:11 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_a6effe40aa608f6a.manifest
[2014.07.08 23:51:17 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_8f827f758285bb26.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_8dc1cab383b1c4fb.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_d3fe253568d432af.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_d6520fd9675dc693.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_d733df4566cd366f.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_1dd6f1094baec49b.manifest
[2014.07.08 23:51:26 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_b9d1db7e42d7cef6.manifest
[2014.07.08 23:51:38 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_62df25c53193d0e7.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_343c43c2e1cba306.manifest
[2014.07.08 23:51:18 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_32e73c50e2a71596.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_38388118df3c7f76.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_2f183ce5231b2177.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_2c43d22124f17611.manifest
[2014.07.08 23:51:21 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_d4d9ffb41406de9f.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_d534a81a13cf81d6.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_d50004fe13f6737b.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_741b09ab091065a5.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_77b77afd06c889dd.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_bf27fb44eb2858f9.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_61df7143ddfa6f5b.manifest
[2014.07.08 23:51:54 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_0404f050d1158136.manifest
[2014.07.08 23:51:36 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_a76ecd05c386484c.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_90014e3a9bab7408.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_8e4099789cd77ddd.manifest
[2014.07.08 23:52:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_d47cf3fa81f9eb91.manifest
[2014.07.08 23:51:49 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_d6d0de9e80837f75.manifest
[2014.07.08 23:52:02 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_d7b2ae0a7ff2ef51.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_1e55bfce64d47d7d.manifest
[2014.07.08 23:51:29 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_ba50aa435bfd87d8.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_635df48a4ab989c9.manifest
[2014.07.08 23:51:34 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_34bb1287faf15be8.manifest
[2014.07.08 23:51:42 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_33660b15fbccce78.manifest
[2014.07.08 23:51:10 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_38b74fddf8623858.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_9f5264e54ecc21f2.manifest
[2014.07.08 23:51:14 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_3c8c450c45121df1.manifest
[2014.07.08 23:51:52 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_39b7da4846e8728b.manifest
[2014.07.08 23:52:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_e24e07db35fddb19.manifest
[2014.07.08 23:51:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_e2a8b04135c67e50.manifest
[2014.07.08 23:51:24 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_e2740d2535ed6ff5.manifest
[2014.07.08 23:51:45 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_818f11d22b07621f.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_852b832428bf8657.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_cc9c036c0d1f5573.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6f53796afff16bd5.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_1178f877f30c7db0.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_b4e2d52ce57d44c6.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_9d755661bda27082.manifest
[2014.07.08 23:52:02 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_9bb4a19fbece7a57.manifest
[2014.07.08 23:51:42 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_e1f0fc21a3f0e80b.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_e444e6c5a27a7bef.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_e526b631a1e9ebcb.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_2bc9c7f586cb79f7.manifest
[2014.07.08 23:51:34 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_c7c4b26a7df48452.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_70d1fcb16cb08643.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_422f1aaf1ce85862.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_40da133d1dc3caf2.manifest
[2014.07.08 23:51:19 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_462b58051a5934d2.manifest
[2014.07.08 23:51:06 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_9fd133aa67f1dad4.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_3d0b13d15e37d6d3.manifest
[2014.07.08 23:51:07 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_3a36a90d600e2b6d.manifest
[2014.07.08 23:51:50 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_e2ccd6a04f2393fb.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_e3277f064eec3732.manifest
[2014.07.08 23:51:49 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_e2f2dbea4f1328d7.manifest
[2014.07.08 23:51:40 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_820de097442d1b01.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_85aa51e941e53f39.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_cd1ad23126450e55.manifest
[2014.07.08 23:51:56 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_6fd24830191724b7.manifest
[2014.07.08 23:51:55 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_11f7c73d0c323692.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_b561a3f1fea2fda8.manifest
[2014.07.08 23:51:47 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_9df42526d6c82964.manifest
[2014.07.08 23:51:12 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_9c337064d7f43339.manifest
[2014.07.08 23:52:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_e26fcae6bd16a0ed.manifest
[2014.07.08 23:51:54 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_e4c3b58abba034d1.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_e5a584f6bb0fa4ad.manifest
[2014.07.08 23:51:29 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_2c4896ba9ff132d9.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_c843812f971a3d34.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_7150cb7685d63f25.manifest
[2014.07.08 23:51:11 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_42ade974360e1144.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_4158e20236e983d4.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_46aa26ca337eedb4.manifest
[2014.08.19 05:35:52 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_9dd39e01816788fc.manifest
[2014.08.19 05:26:54 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_9e4e6b9e9a90dc82.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.15 07:29:30 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.15 07:29:30 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.15 07:29:30 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.15 07:29:30 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.15 07:29:30 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.15 07:29:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.15 07:29:30 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.15 07:29:30 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.15 07:29:30 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.15 07:29:30 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 05:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 05:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2009.09.02 03:46:10 | 000,002,331 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnodes.dbg
[2009.09.02 03:46:10 | 000,000,528 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnodes.qb.xbx
[2009.09.02 03:46:10 | 000,003,411 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnodes_maintain.dbg
[2009.09.02 03:46:10 | 000,000,940 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnodes_maintain.qb.xbx
[2009.09.02 03:46:10 | 000,005,541 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_attack.dbg
[2009.09.02 03:46:10 | 000,001,032 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_attack.qb.xbx
[2009.09.02 03:46:10 | 000,002,249 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_hide.dbg
[2009.09.02 03:46:10 | 000,000,504 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_hide.qb.xbx
[2009.09.02 03:46:10 | 000,001,682 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_moveto.dbg
[2009.09.02 03:46:10 | 000,000,436 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_moveto.qb.xbx
[2009.09.02 03:46:10 | 000,002,139 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_peek.dbg
[2009.09.02 03:46:10 | 000,000,392 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_peek.qb.xbx
[2009.09.02 03:46:10 | 000,005,829 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_use.dbg
[2009.09.02 03:46:10 | 000,001,692 | ---- | M] () -- \Program Files (x86)\Activision\GUN\data\scripts\game\AI\Behaviors\bv_combatnode_use.qb.xbx

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.02.05 19:41:19 | 000,003,170 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[2013.02.13 15:09:51 | 000,020,800 | R--- | M] () -- \Program Files (x86)\Hi-Rez Studios\HiRezGames\smite\Binaries\Autoreporter.XmlSerializers.dll
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.25 18:18:04 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.09.17 13:37:58 | 000,131,116 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Bazar\Liveries\P-51D\USAF 485rd FS\P51D_serial_number_w.tga
[2014.09.17 13:37:58 | 000,131,116 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Bazar\Liveries\P-51D\USAF 84 rd FS,\P51D_serial_number_w.tga
[2014.09.17 13:37:58 | 000,131,116 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Bazar\Liveries\P-51D\USAF DEE\P51D_serial_number_w.tga
[2014.09.17 14:04:09 | 000,000,615 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\btn_serialcopy_modules_dis.png
[2014.09.17 14:05:43 | 000,000,621 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\btn_serialcopy_modules_hover.png
[2014.09.17 14:05:00 | 000,000,981 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\btn_serialcopy_modules_pressed.png
[2014.09.17 13:55:35 | 000,000,624 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\btn_serialcopy_modules_released.png
[2014.09.17 13:55:35 | 000,000,522 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\modul_btn_serialreturn_hover.png
[2014.09.17 13:55:35 | 000,000,520 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\dxgui\skins\skinME\images\manager_modules\modul_btn_serialreturn_release.png
[2014.09.17 13:59:05 | 000,010,172 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\DCSWorld\Scripts\Serializer.lua
[2013.08.24 22:12:39 | 000,003,615 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Poker Night at the Inventory\Pack\Launcher\images\button_serialnumber.png
[2013.08.24 20:59:24 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmserializers.dll
[2014.05.13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.08.25 18:18:34 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.10.13 20:01:05 | 000,003,608 | ---- | M] () -- \Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2014.10.13 18:18:49 | 000,016,384 | ---- | M] () -- \Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2014.02.14 09:05:21 | 000,000,248 | ---- | M] () -- \Users\admin\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.15 13:43:25 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.15 15:03:15 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.15 13:48:25 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.10 14:15:17 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\42223d4a72c5689046f135df444d6981\System.Runtime.Serialization.ni.dll
[2014.10.15 14:53:12 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.09.10 14:12:56 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5308caa4ad872301e40b3d9ec8bf9037\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.10 07:12:31 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.10 07:12:31 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.15 07:33:09 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.15 07:33:09 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 11:36:02 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.14 11:36:02 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.09.10 19:40:28 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.10 19:40:28 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.15 14:59:50 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014.10.15 14:59:50 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 11:45:37 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.14 11:45:37 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013.09.11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 10:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 23:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014.03.09 23:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2011.12.22 12:03:53 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.12.22 12:03:53 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 10:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 10:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 08:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 04:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 08:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 04:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 08:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 04:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 08:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 04:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2011.04.12 10:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 09:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 06:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 10:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 06:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 18.10.2014 13:41:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 3,68 Gb Available Physical Memory | 46,11% Memory free
15,97 Gb Paging File | 11,91 Gb Available in Paging File | 74,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 540,79 Gb Total Space | 47,58 Gb Free Space | 8,80% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 335,14 Gb Free Space | 85,80% Space Free | Partition Type: NTFS
Drive H: | 14,52 Gb Total Space | 14,52 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08279E5D-6DE3-4EB4-B5CB-40042C30E530}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2253C074-8B4E-4876-998B-5CB641AFDE34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A3FB1E5-1BA1-4614-9572-EDB9FD0E8369}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4977B085-0ACF-4F35-A767-1D18F8F66022}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{52832444-8B37-48C5-AF71-B313876DECCC}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{58616E01-E194-4C4F-B3B1-292565A15FC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FABB182-5521-4D32-9C57-3086D39E9BD5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A4BB455-EFAE-43DC-8F88-9EE07B6682B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{891729FA-1AA3-48C8-9D14-71E43222A116}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{89AE0925-B75A-4DE0-B814-1FAC3F750697}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F13C3B6-216C-44E2-B1C8-AF8FA729253E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{90782A83-C8C5-4B35-8786-26281CFEDE17}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A15E4613-F093-4667-BF54-C0271F02135C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BB7E505E-1B6C-4F63-A52F-760B4DB5BF86}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0BFB394-8E6D-4678-9FFC-4330B04AC49D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB67EBF3-7162-4B60-840C-8D831154560D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4B71AD9-D5FE-4D1E-9296-C689B4F6ABD9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DEAC8F2B-B280-430B-B975-7DC7EE124A9C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7F788FF-C0DC-4655-80A4-D2ED61ABBCAD}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{EB03D10B-B1B2-4D5C-93D1-1742EAA7B882}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EDA578BF-2881-43D2-A246-8E490E87F226}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EF002158-5C9C-44DF-BB49-1FF79276EBD8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BC0F7-6A94-46FA-88EF-6CDDCAE35655}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0270B808-2A11-4F53-A119-D452CB662F15}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{035B9F46-11D9-416A-BA85-C21E802D6937}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dcsworld\run.exe |
"{050C5EB4-D940-4A83-84A9-C25187E08EFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{0671433D-629A-4B8B-95FE-3703979CB7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{07C0F038-7833-4938-AAF7-444CBB06A1B0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{0A524C07-C0A2-45E2-9195-27ECA73AED13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{0A7660CE-6C13-4941-84D4-EBB401E361E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{0A91EC14-BF34-4B00-8C6D-574D7FBC873E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{0AB9B6C9-209C-481C-8BEA-B3DAC29F50F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0C5CB6C0-F927-4883-9EE2-F9EE22046C16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{0CB6B851-E4F5-4E4B-A0D8-D2EF3F626316}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dcsworld\run.exe |
"{0E6C7C1D-053A-4817-B109-B1284F29BE11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{0F49FCEA-78D0-4D65-86AB-FD9A18DDC5B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wolves\starwolves.exe |
"{1237B92E-F2DC-40E1-9903-6B30AE4C0B22}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{12B55697-7FBE-40F7-8E6D-42411DA36E49}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2.exe |
"{131F3815-6BE2-4E0D-98EF-C14F1C2D5189}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{1342D5DD-22D9-4219-BC6E-C998D3E506D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\take on mars\tkom_loader.exe |
"{142C39EF-BBC0-4F0C-9A4F-8F9E4F3EEAF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{148908B2-1AA0-451C-8DAE-73DDA338C1C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{1654D0B0-471C-4B61-9D2B-8ADEA5A7B5B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1690F089-8AFF-41A6-A209-DD5EA878CC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{18F7AA2B-6F9E-404F-B404-C4474E226631}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{19A940BB-5F8F-4CFE-B92A-1C8A79EC93B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{19DF3862-D3EF-42A0-A128-585727E2B8FE}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{1BD3D90F-0245-4F07-8754-D2C72CC8A626}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1C81FE88-8CC5-45D2-A9EC-A6E51F6CD86A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{1DEF2252-6029-4D71-B1A3-FCC5C4451D6F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{1E35617A-DE1F-451C-9C0F-16DD535268CA}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{2093E11D-D877-414D-99FA-7884BF0050B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20A4D979-C924-4862-98B8-3592BDA5C428}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{229CBE5E-F051-488B-BE61-435FD417768A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{22C03675-DCCE-480A-A457-CCBE66DD0F28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{2365F7DD-8146-447F-B851-1F5D6C057768}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{261251D5-2C1C-444B-8816-BA9FA85C5668}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{26BA05DA-E593-4982-9FD0-9A632B58118C}" = dir=in | app=c:\users\admin\appdata\local\microsoft\skydrive\skydrive.exe |
"{2C7E69D4-A15E-4AB0-A276-FF6004D079C8}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{2D424B3E-7DAC-493B-8C8B-F88B12A2815E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\configtool.exe |
"{2F342F54-D475-4FF3-9BE8-D0116670CC60}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{2FA0AFAC-5C7C-49C5-90E4-93170EDA5AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{2FB9042D-C5BA-4219-B3A3-952BDB6B860F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2FE04A8F-5C9A-4BC7-B003-40F4D6559CEC}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{30DE3348-073E-446F-A6ED-7EB657BF26C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{3116E4CD-ACFD-4918-9E3D-05E5F0663B98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{31A6420D-6EAC-471D-847D-23081516CF30}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{324F78C1-EE61-479A-BC98-C0DB39A1DD14}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3446D853-7B38-45D6-A470-0F73F1DD2E82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{344D1C70-03C1-41D0-B887-8D0F21CFA820}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34F10C01-8C0E-4B85-8703-22810CA7FFE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{375E5F58-F655-413E-AB65-64538F154805}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{37B88089-E7CB-4E45-814F-BEE587764C6D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{37FEC4AA-1758-4B89-9CD4-9E2735760FD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{390BF375-1B7E-412D-8FE8-3073303E6647}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{3C2636DB-6460-4FBE-8416-8E22C7BB8F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{3CD019DB-8FAF-47A3-B9DD-A9705BE3A479}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{41903B16-5C9D-4294-9600-8F29B810D646}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{42A11F0F-389C-48E3-AFC1-1FDED45D1D4E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{437C90D1-B70C-4670-B869-79AB60D83053}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{44185701-BE7D-4023-856B-7926C22FCEE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{45464091-75D6-490A-9FDE-18FAB45B4CBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{4679372A-55F3-411C-BB8A-8E677859CE6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4AFA089F-3CCA-4B66-B89B-B7DB54807EDA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{4B6AC7BA-0827-4FB8-89A3-9E8B3BD72EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{4F3317A6-05BA-4F27-A75F-9AB2E71314D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{50B69E8B-041B-4C31-BD8D-4FDF2A943466}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{5102F0FC-2651-44FE-BDB4-A5839C17DB22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{525D03F8-C7B2-4A40-9382-22E8039EE850}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{53D2D036-6352-4641-B4C9-7419AF54A49C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{53FA572E-4F83-45F1-BDDD-3009475860C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{54E42A30-A181-4ABA-BC10-541800CE2A97}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{5662A918-BAFD-40CD-8689-08AB8F339522}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{58471AC0-1714-4AD2-9A7E-C095ADBB951A}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{584DCC2B-7864-450A-9F05-B66F7A20AAA0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5A39657E-E48D-4398-8E5D-E81D5AFD197F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5D758B93-EA2D-484B-9EEF-66858B8F27A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{6063B793-38A2-4D0D-A145-81089EBB7BC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{60A243A3-3DEB-4804-8F24-24CD0827C77B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{60A90ADF-4EC7-4802-82A7-D9B40C341612}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{60D8BDE4-0E45-42F3-A1AF-47D0510922AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{61426279-E879-4094-A94D-F3264B744C91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{644542DE-11CE-4CAC-97B0-5C5E4E827350}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{678DF708-0E48-4C63-83B4-651BBE091972}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\configtool.exe |
"{67C84791-FB32-4DFE-9E59-79DDEA6B8FA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\viking.exe |
"{68AC891E-9B5D-4F7C-B7C3-3EF3D4E4E809}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69484E41-E9FF-44A5-914C-E22C88617F79}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69D0E4EA-F47D-4D27-B51B-14780C2E4F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{6B006E7B-5302-4FF2-88F9-E823ED94FDB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{6CA2B257-4BFC-49CB-9AE3-FE0B29139F47}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{6CE9F8C3-677F-4AB0-8C19-842C228F9FD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{6EAE7287-1F24-4040-8FA7-7714E6651949}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{6F59782D-3D6D-411A-8695-D63018BDCEBA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{6F6C4EC8-BD41-4674-8AF7-9EF3E6874CBC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{7186E2D4-61EC-434C-8BA6-E83F78FCB641}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{729D19A9-1D98-4607-869B-558C867D811A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{7380E099-CBD2-4CE3-972E-F28C43D3B1AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{75E8FD3D-71A3-4BDF-9CB4-BFBF8511094E}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{762A159F-585C-4E67-909D-03073C9C26EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{764A3D6E-4CCE-4262-9AFA-5262BAEF29B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B8A8230-021A-46C0-9048-0340104F3A72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{7E52E8F1-3DDE-4C19-80EE-7B7CB175740D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7F03B214-9459-4731-97C0-081342B05C81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81B6D2ED-A38F-4B56-9392-D93FA10EA234}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{81B8D287-DC94-4CFC-B146-5A665DCC4DC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{826B31C4-EBD1-4121-AB59-AF1A169FE7D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{8325BB09-55E8-425C-92DD-CE1A89377462}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8336D767-1224-40A0-93C3-D70BAA9A2496}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83573846-063E-4C55-BFE4-9A1EAFDA4F1D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8362D881-05FC-4BB0-8F00-81B77623C8AC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A1D365A-1AFA-4FDB-AF07-FEDE886E045B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{905BC7E2-662B-4D83-9C90-92FBE972E84D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{9327B8FB-F82B-439C-B84B-ED64FA99AF24}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{944C3293-874B-44AA-9FCE-09FC2E4FD87B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{96AE396D-7C96-40D0-9A32-CAA0B8166B95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{9757A46A-2150-4568-9FB6-BB377D5BDF8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{989AFCB6-A431-4719-9386-7CAB0B749B9B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9BC70DC0-AE68-439F-9B31-A7316EC89DBF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{A16878CA-72E1-41D7-9EEC-AB5EDE2B9417}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{A1942E96-6198-4540-82F3-96067AB2CED8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2B82FA1-1D65-44B2-A700-9E1DB7534A98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A558E497-3303-436F-8CFA-2198B6401E87}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A574BE68-B6AC-4AEB-BCE5-918EA97B5682}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5CBFEC2-A81E-41EA-BC00-2458859FB86F}" = protocol=6 | dir=out | app=system |
"{A695553C-EBDD-4B8D-8C48-D7FCB9044D23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{A7DEE4BC-8383-4C40-A2C3-3B1550EA35BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A8A28038-E99C-4160-9090-7F8857ED78E9}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{A950761C-CEAB-4C1B-A1B5-BAE9574D41BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{A953E2C3-245C-4B86-9409-1C00A4D761DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A9666CF6-52DC-4CE4-9A41-7BF043DEC06A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A9980C62-D5F5-4152-A708-7FE87341DADA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{AA109485-4259-4A08-A924-5318302710C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
"{AAE5E640-AB79-4A7B-8510-7D712D588662}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the vikings limited public alpha\run_game.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ABD1CBCC-AE9D-4A3C-940D-C6F2D12FD8DF}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{ABD5845E-5BF2-4EFB-88BE-2EB856BCFCD4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{ABDF3337-4426-4002-A8DE-C46F3E9BC4DB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{AD0BBC02-E0F4-4F13-A0AA-58BCF29AA99A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{AD8C7937-1097-4DB4-9E78-FDBFBA29ED11}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{AF1C00F8-A785-43B3-B81D-DB35EEA194F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B11787C8-9CB9-4AA3-A945-A645CA07F296}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe |
"{B2334217-EAA4-43F7-A075-986C1AC6FB95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B24766F2-D990-41B3-B2B1-39E0AA0FC7B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B7EEA85B-3FE5-45BF-B10D-097465469052}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B8BD0119-A318-474D-AD5F-EC9B5E83F762}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{B8E5CF4D-45B0-4A5A-A014-02E2FDFCA0C7}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{BBF3FA80-CD7B-4E99-8F1E-6E696C0CB581}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BC020E50-5F73-49F1-A307-C227B0DF8692}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{BC06513F-C79A-471C-AE8F-BA31F6D01DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BE3CFEFA-AAA8-478F-8B45-109435A86FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
"{BE4B0764-F9C3-4155-9F82-15DD34D014A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4785D76-6B2E-4B03-90A2-B7C1CAA854D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C47F513A-098C-4858-8BA6-D46F661290AF}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{C631359A-84F9-476A-9641-50292A88D837}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wolves\starwolves.exe |
"{C6F0DC4C-369E-47D2-A63E-E3BA9355C84A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C7A3D4C4-8B59-4F66-9ACB-F8B7537CECFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C8E5242B-A04A-49A2-8E02-B3EB57900D57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C9D4B024-4F47-48A8-B32F-EDC54DA89A1C}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{CBFE927C-47CE-4E27-ABBB-34F9DB2EDECB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{CC13D6B4-66B9-4408-8766-FA5CDDBEEC27}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{CD969D83-72C9-4E56-9093-59FA892DD3CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CE1C5DA5-9B59-4BB1-905E-419A87BAAA7D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the vikings limited public alpha\run_game.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE64C9D8-924D-4403-988C-A1032E65E1D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{CF2F1B9E-EC58-4EA0-98AE-2E9DBD7DF658}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{CFA96D69-144E-44E3-9B83-226B87006C72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D0446B48-0CF4-46C3-A778-24E7560F3666}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{D08B25FF-D0D6-412A-A37A-741D4F489FC4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{D08E3534-C143-4482-B20F-1B06A26EF848}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{D1F01EC6-2CD1-4DFF-8C44-DD866AAFB027}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2.exe |
"{D25992DF-C642-4573-BC6F-0EEE5F2B4052}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3975E2C-9317-478E-ABEC-4685A160F855}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{D478A8CC-F9C4-42DF-860D-08D26762E1D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\viking battle for asgard\viking.exe |
"{D48A9E56-ABEA-420E-84C2-5AB4A37E7085}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{D4B5D83A-0D56-424E-8881-EF2C4AF47F07}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D4F5B36D-C3AB-4D17-B4BC-62B302B5C821}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{D54FF340-8F0C-40BA-9B5C-FC7D38073EC1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D6679489-946A-4E5A-86EC-981654729B8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{D724330C-02DE-45D8-B577-47492EFBC5F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D73810A5-B200-4141-85C7-155977406D04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{D79C5156-4CDB-4A8F-A7B1-F9EE05C1EF37}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D7AE679B-7878-4DBD-ACA8-E6B96898541A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{D8548EA5-E156-4B0F-B52A-701A4326E896}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9393C7C-4B37-420D-A830-B5C1E4B31259}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{D9C21875-CFF1-4C95-A0C7-11F4F030D31F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{DB59E2F9-3127-4CBD-9BFA-C43EEC1EFAA7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{DBB22619-08D2-45C9-901C-A71BAAF0E524}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{DE5C069D-6835-4BDC-8A5F-36871C09DD9A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DE94B3E4-A55C-4235-B0CE-4D0546A50926}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E07F6351-109C-4B40-A61A-0BF4B1DABD98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\take on mars\tkom_loader.exe |
"{E0FB7217-276E-4984-A65C-AC60E4EB058B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E14BD78F-D909-45ED-A387-C535AFC1F34D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E194CF64-2E24-48D3-9FE2-A29BCA098132}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{E1AC83E0-7576-4304-BD3F-81B07CA79E01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{E224AD47-8510-4FF0-A4DB-5767CF3EA909}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{E3D34FB0-CE6C-4ABC-8483-E92D29976223}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{E4287989-8B86-49CF-A33F-E4BD478867EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{E7934318-506E-426C-B491-80ECAFB534E1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8D23657-3812-45D7-927E-1867D1960FD4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{E918BADF-B11F-4FA4-9688-B075E50D03AA}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9A13350-D6A0-4D95-B7A3-9C3D2E5F975B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EABC85C0-8114-46A7-9206-9237A5747AC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{EE624714-C1F6-4B90-BB52-7A7BC5340AEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFECBF62-6E35-4B48-AA40-23B9457BEA00}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F06F258A-F1C8-4590-BD35-C09E0988AEB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F1851AB4-78B8-42C4-B99A-F47CBA101DEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F40FB0F2-F4C9-4620-A9C7-D52C50F32528}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{F4CB389E-7E14-452E-A13E-B22859B3FA31}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{F61B892F-CA5E-4D26-850E-69A3C6A9C0C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F72A071D-B346-425C-BC9F-16EAE22F78E0}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{F72E7CB2-D612-473A-8EE3-551BE9BF3769}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F7672B53-612A-4812-8DAA-54A8A897205F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9326BF5-14B1-4D35-9492-76E1E25FB60A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{FA9DBADB-5AFB-4184-9A27-3FBC43A89BDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{FBE66121-32CE-4AF6-A34F-BC6C81C710E3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{FC3DFFAE-4034-4F04-A27F-2679711CB424}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{FCD14F79-4E19-4223-9390-785491F7FC85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{FDB5A143-909D-4837-AC9D-1B82230EBD38}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE451391-5E86-49DF-875A-05E461D73B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"TCP Query User{011E5A4B-28DE-4A1B-B89C-DC3577B033F1}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{015E2B08-4F7B-46F5-A37A-CDA39FC1DB15}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{06F92875-CC91-425F-97EE-AC58002B41A5}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{14761D2E-F041-404C-82DA-6AB8EE29E923}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{1BC209B6-7C77-4905-A5EB-ABBEF88BFC92}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{23BA76FB-6274-4C03-A509-5A79DBBDC667}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe |
"TCP Query User{7D91CC43-BC75-434C-8484-8E3CD480F947}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{8545547E-532E-4CD5-955D-256AEE621AA2}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{88EDF72E-5DE2-4A9A-8F82-DFB7E737F8FE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{9978A1A1-087B-44F0-85AB-DC1D0FE403F8}C:\program files (x86)\techland\call of juarez\coj.exe" = protocol=6 | dir=in | app=c:\program files (x86)\techland\call of juarez\coj.exe |
"TCP Query User{B55858E5-C308-401D-BE7F-58174CF9059F}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{D3FC8DFE-74D4-4B67-9EF4-37B4204CAC63}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{D7D22B46-FC0B-431A-B2FB-5A231C941466}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{DFF9B467-B002-4496-AFFD-9447000A88A7}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{E24E6B87-A4F2-4CFB-AC03-831B50048073}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F741ECC4-D679-4DE9-A5BE-D3145D2F742F}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{F8C01A70-5111-405F-8C2F-014F3C0CE727}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0CD0982C-B243-4BD1-BC40-EAF7AD6CF690}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{0EA3CFF7-A931-460B-ACE8-28E87A435FF1}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{3C1A3CFE-C5A6-4DC2-B62C-EDBB9B3D169C}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{3EA52AB7-D501-4C83-A050-92FBCC25D191}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6489A25A-783D-4B1E-A091-C9AA4F05D21E}C:\program files (x86)\techland\call of juarez\coj.exe" = protocol=17 | dir=in | app=c:\program files (x86)\techland\call of juarez\coj.exe |
"UDP Query User{6EF06DBE-9C2A-481C-9D02-2034157E0247}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"UDP Query User{706724EE-8A69-41BF-A892-B433FEE08DA2}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe |
"UDP Query User{71BD9226-5B98-415C-B06D-D74DE8BCA2B9}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{77E1D513-8487-4E4F-9CAF-D2E6AE4D07D0}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{82E15EFE-17E9-4741-AA7C-594139B54102}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{86C10291-5C9B-4E48-B9ED-5590F16ADFC6}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"UDP Query User{93DF453B-CFB6-4A1F-941E-56EA6745D91F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AC9344E8-C165-4F7A-8098-D9F2C2B6195E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{DAFA240B-FB59-448F-9E3C-0FCBFE5502B6}C:\users\admin\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{DBDE76C8-B0F3-4F80-A67F-A724190705E9}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{E0E77EF9-ACAD-4D6A-9443-0EDED43E2964}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{E1EEAA67-3668-43BE-8051-5C4DFA8F19F1}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17E113E6-CD0E-4045-B154-65F0E57959EF}_is1" = IMPI 2.0.0.429
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977EBBDB-BA86-4975-803C-A7FDDF92A10C}" = AVG 2014
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{B42D82E8-FF97-48BB-91AA-86717B2B6B16}" = AVG 2014
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"AVG" = AVG 2014
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
"Defraggler" = Defraggler
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1" = gpedt.msc 1.0
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}" = Splashtop Connect IE
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}" = Splashtop Connect for Firefox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{57030680-6253-4281-A3F3-83B090BD932B}_is1" = Crashday
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Plants vs. Zombies™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Kingdoms of Amalur: Reckoning
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}" = Dead Space
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}" = PVZ Garden Warfare
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.12) - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}" = Curse
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}" = Wing Commander III
"{FC9F924E-9472-45F1-980D-8267E47AA054}" = Poke
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Aliens: Colonial Marines_is1" = Aliens: Colonial Marines
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Farm Frenzy 3: American Pie" = Farm Frenzy 3: American Pie
"FarmingSimulator2013INT_is1" = Farming Simulator 2013
"Fraps" = Fraps (remove only)
"GamingMouseEditor" = Gaming Mouse Editor
"GOGPACKREUS_is1" = Reus
"Google Chrome" = Google Chrome
"InstallShield_{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0630.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"L.A.Noire_R.G. Mechanics_is1" = L.A.Noire
"Mafia II_is1" = Mafia II
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"O2CZ" = O2
"OpenAL" = OpenAL
"Opera 12.17.1863" = Opera 12.17
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1" = Call of Juarez Gunslinger (c) Ubisoft version 1
"QnJpZGdlIFByb2plY3Q=_is1" = Bridge Project version 1
"Raptr" = Raptr
"Revo Uninstaller" = Revo Uninstaller 1.95
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scribblenauts Unlimited_is1" = Scribblenauts Unlimited
"SevenZip" = SevenZip
"Sniper Elite V2_is1" = Sniper Elite V2
"SpeedFan" = SpeedFan (remove only)
"Steam App 104320" = Red Orchestra 2: Heroes of Stalingrad Beta
"Steam App 111800" = Blocks That Matter
"Steam App 12210" = Grand Theft Auto IV
"Steam App 206500" = AirMech
"Steam App 211160" = Viking: Battle for Asgard
"Steam App 218620" = PAYDAY 2
"Steam App 223750" = DCS World
"Steam App 224540" = Ace of Spades
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 227940" = Heroes & Generals
"Steam App 236390" = War Thunder
"Steam App 24240" = PAYDAY: The Heist
"Steam App 244030" = Take On Mars
"Steam App 301520" = Robocraft
"Steam App 304930" = Unturned
"Steam App 31280" = Poker Night at the Inventory
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 42160" = War of the Roses
"Steam App 440" = Team Fortress 2
"Steam App 46270" = Star Wolves
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Stronghold 3_is1" = Stronghold 3
"TheSkyX First Light for Windows_is1" = TheSkyX First Light Edition version 10.2.0 Build 6408
"VLC media player" = VLC media player
"Wings 3D 1.4.1" = Wings 3D 1.4.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1666673100-261464351-4097836267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.10.2014 0:57:36 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2014 9:26:47 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.10.2014 14:39:16 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.10.2014 0:42:23 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.10.2014 15:47:03 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 0:53:16 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 1:24:20 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

Error - 18.10.2014 1:33:14 | Computer Name = admin-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 30.5.2012 8:36:01 | Computer Name = admin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 64 seconds with 60 seconds of active time. This session ended with a crash.

Error - 30.5.2012 8:36:39 | Computer Name = admin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 31 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 18.10.2014 4:07:24 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:25 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:26 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:27 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:27 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:28 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:29 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:30 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:31 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 18.10.2014 4:07:32 | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.


< End of report >

Napiste mi velikost adresare plochy (C:\Users\admin\Desktop)




Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.