prosim o kontrolu

[robbieknn]

Prosim vas o kontrolu ci tam niekde neni nieco podozrele, lebo pocitac je kazdym dnom pomalsi a pomalsi.... hry my zacinaju sekat,zamrza a podobne. Na jednom slovenskom fore som sa pytal ci to nie je chyba v hardware a jeden nemenovany mas sem poslal ze nech sa spytam odbornikov :
dakujem

http://www.scribd.com/doc/94534893/Log

Kedze ten subor ma vyse 150 000 znakov a nevedel som ho sem dat, tak som to uploadol na web vyssie spomenuty:)
Za odpovede Vam vopred dakujem

prosim o presun do ineho fora nahodou som to dal do zleho

[robbieknn]

prosim vas mohol by mi to niekdo skontrolovat?

[vyosek]

Zdravim

Pokud je log dlouhy, tak jej rozdelte do vice prispevku

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte

[robbieknn]

RogueKiller V7.4.5 [05/18/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ: Robko [Práva Správcu]
Režim: Kontrola -- Dátum: 05/24/2012 17:00:03

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] f4e4c299eb864d2134f67b5ab75f68b3
[BSP] 33e513479bed99638657a732af100db0 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

[vyosek]

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte

Muzete mi prosim do soukrome zpravy dat odkaz na to tema na SK foru

[robbieknn]

RogueKiller V7.4.5 [05/18/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ: Robko [Práva Správcu]
Režim: Odebrať -- Dátum: 05/24/2012 17:07:11

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač: [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] f4e4c299eb864d2134f67b5ab75f68b3
[BSP] 33e513479bed99638657a732af100db0 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[vyosek]

Za odkaz dekuji

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

• Provedte aktualizaci
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

[robbieknn]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.05.24.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Robko :: ROBKOO [administrátor]

Ochrana: Povolena

24. 5. 2012 17:21:18
log.txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 355918
Uplynulý čas: 29 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files (x86)\lua5.1.dll (Spyware.OnlineGames) -> Žádná instrukce nebyla provedena.

(konec)

Nemáš zač

[vyosek]

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

• C:\Program Files (x86)\lua5.1.dll
• Kliknete na Choose file
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Kliknete na Scan It
• Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
  
• Vysledek analyzy sem vlozte (jako odkaz)

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[robbieknn]

VirusTotal:
https://www.virustotal.com/file/94deef0 ... 337892617/

OTL.txt:

OTL logfile created on: 24. 5. 2012 22:23:54 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Robko\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,96 Gb Total Physical Memory | 4,98 Gb Available Physical Memory | 62,61% Memory free
15,91 Gb Paging File | 12,44 Gb Available in Paging File | 78,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 219,28 Gb Free Space | 47,09% Space Free | Partition Type: NTFS
Drive E: | 1,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ROBKOO | User Name: Robko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/05/24 22:20:37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Robko\Downloads\OTL.exe
PRC - [2012/05/14 13:39:49 | 001,816,976 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/05/05 14:13:21 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/26 19:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/20 10:35:24 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 10:35:22 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/01/20 10:35:08 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/03 13:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012/01/03 13:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/27 22:34:54 | 000,078,336 | ---- | M] (Kemsusu ) -- C:\Users\Robko\Desktop\wc3isk21rc7.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
MOD - [2012/05/23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll
MOD - [2012/05/23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll
MOD - [2012/05/23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/19 21:37:09 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/05/19 21:37:09 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/05/19 21:37:09 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/05/19 21:37:09 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/05/19 21:37:09 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/02/20 09:52:41 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012/02/20 09:52:41 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012/02/20 09:52:41 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012/02/20 09:52:41 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/02/15 05:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) Capability Licensing Service Interface) Intel(R)
SRV:64bit: - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/05 14:14:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/03 21:07:03 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/27 08:09:28 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2012/01/20 10:35:24 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2012/01/20 10:35:22 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2012/01/20 10:35:08 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2012/01/03 13:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/02 17:56:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 05:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/02/15 04:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/01/26 19:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) Ovládač hostiteľského radiča Intel(R)
DRV:64bit: - [2012/01/26 19:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) Ovládač rozbočovača Intel(R)
DRV:64bit: - [2012/01/26 19:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) Ovládač prepínača hostiteľského radiča Intel(R)
DRV:64bit: - [2012/01/18 12:24:12 | 014,658,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/12/05 21:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011/11/23 17:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/09 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2011/08/09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/11/18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/05/14 11:28:36 | 000,010,568 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010/01/18 10:36:44 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Users\Robko\AppData\Local\Temp\Rar$EXa0.881\WinRing0x64.sys -- (WinRing0_1_2_0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 01 EE 37 56 2C CD 01 [binary data]
IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robko\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robko\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/05/02 01:45:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/13 18:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/05/02 01:45:43 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Robko\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Robko\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Select All Friends = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkifjigoeilijkcnpfdjbpdjgnbfibec\2.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Robko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4281489848-558699572-1819806651-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4281489848-558699572-1819806651-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7E76F7B-7CD7-4BB8-96FC-29341D3869D6}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/05/24 17:18:42 | 000,000,000 | ---D | C] -- C:\Users\Robko\AppData\Roaming\Malwarebytes
[2012/05/24 17:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/24 17:18:34 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/24 17:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/24 17:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/24 16:58:56 | 000,000,000 | ---D | C] -- C:\Users\Robko\Desktop\RK_Quarantine
[2012/05/23 13:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/05/22 22:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2012/05/22 22:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2012/05/22 18:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/05/22 18:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012/05/22 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012/05/22 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/05/22 18:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/05/22 18:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/05/22 18:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/05/22 18:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/05/22 18:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/05/22 18:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/05/22 17:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/05/22 16:13:42 | 000,000,000 | ---D | C] -- C:\Users\Robko\AppData\Roaming\HD Tune Pro
[2012/05/22 16:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
[2012/05/22 16:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2012/05/22 15:34:16 | 000,000,000 | ---D | C] -- C:\Users\Robko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2012/05/22 15:34:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2012/05/22 15:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3
[2012/05/22 15:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor 2.3
[2012/05/22 13:40:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/05/22 13:40:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/05/22 13:40:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/05/22 13:19:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/05/22 13:18:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/05/22 13:10:20 | 000,000,000 | ---D | C] -- C:\Users\Robko\Documents\temp
[2012/05/20 14:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012/05/19 18:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/05/19 18:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2012/05/19 18:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/05/19 16:56:19 | 000,000,000 | ---D | C] -- C:\Users\Robko\AppData\Local\ElevatedDiagnostics
[2012/05/18 00:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/05/09 19:12:58 | 001,341,440 | ---- | C] (Indigo Rose Corporation) -- C:\Program Files (x86)\uninstall.exe
[2011/11/25 17:38:45 | 000,351,744 | ---- | C] (ShadowFlare Software) -- C:\Program Files (x86)\winmpq.exe
[2011/11/25 17:38:45 | 000,098,816 | ---- | C] (http://w3l.info.tm) -- C:\Program Files (x86)\euroloader.exe
[2011/11/25 17:38:45 | 000,068,608 | ---- | C] ( http://w3l.info.tm) -- C:\Program Files (x86)\w3lh.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/05/24 22:24:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/05/24 22:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/24 21:48:47 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 21:48:47 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 21:27:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000UA.job
[2012/05/24 17:18:35 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/24 11:15:00 | 000,474,121 | ---- | M] () -- C:\Users\Robko\Desktop\pcforum3.jpg
[2012/05/24 08:27:56 | 000,002,395 | ---- | M] () -- C:\Users\Robko\Desktop\Google Chrome.lnk
[2012/05/24 08:27:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000Core.job
[2012/05/24 08:23:52 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/24 08:23:52 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/24 08:23:52 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/24 07:46:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/24 07:46:21 | 2111,545,343 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 09:12:07 | 000,416,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/22 18:40:42 | 000,000,076 | ---- | M] () -- C:\Users\Robko\Desktop\setting.dat
[2012/05/22 18:02:24 | 000,002,047 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012/05/22 16:10:34 | 000,456,305 | ---- | M] () -- C:\Users\Robko\Desktop\pcforum2.jpg
[2012/05/22 15:34:16 | 000,001,086 | ---- | M] () -- C:\Users\Robko\Desktop\MSI Afterburner.lnk
[2012/05/22 15:07:55 | 000,511,309 | ---- | M] () -- C:\Users\Robko\Desktop\pcforum.jpg
[2012/05/22 15:02:02 | 000,001,092 | ---- | M] () -- C:\Users\Robko\Desktop\MSI Kombustor 2.3.lnk
[2012/05/22 13:26:08 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2012/05/22 13:26:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2012/05/20 14:02:55 | 000,001,007 | ---- | M] () -- C:\Users\Robko\Desktop\SpeedFan.lnk
[2012/05/20 14:02:54 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/24 22:24:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/05/24 17:18:35 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/24 11:15:00 | 000,474,121 | ---- | C] () -- C:\Users\Robko\Desktop\pcforum3.jpg
[2012/05/22 18:40:06 | 000,000,076 | ---- | C] () -- C:\Users\Robko\Desktop\setting.dat
[2012/05/22 18:02:24 | 000,002,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012/05/22 16:10:34 | 000,456,305 | ---- | C] () -- C:\Users\Robko\Desktop\pcforum2.jpg
[2012/05/22 15:34:16 | 000,001,086 | ---- | C] () -- C:\Users\Robko\Desktop\MSI Afterburner.lnk
[2012/05/22 15:07:55 | 000,511,309 | ---- | C] () -- C:\Users\Robko\Desktop\pcforum.jpg
[2012/05/22 15:02:02 | 000,001,092 | ---- | C] () -- C:\Users\Robko\Desktop\MSI Kombustor 2.3.lnk
[2012/05/20 14:02:55 | 000,001,007 | ---- | C] () -- C:\Users\Robko\Desktop\SpeedFan.lnk
[2012/05/20 14:02:54 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012/05/09 19:12:59 | 000,325,952 | ---- | C] () -- C:\Program Files (x86)\lua5.1.dll
[2012/05/02 14:12:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/02 14:08:43 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/05/02 14:08:43 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/02 14:08:43 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/05/02 01:21:04 | 013,206,016 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/05/02 01:21:04 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/05/02 01:21:04 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/05/02 01:21:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/05/02 01:21:04 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/11/25 17:38:45 | 000,321,024 | ---- | C] () -- C:\Program Files (x86)\gproxy.exe
[2011/11/25 17:38:45 | 000,118,784 | ---- | C] () -- C:\Program Files (x86)\pdcurses.dll
[2011/11/25 17:38:45 | 000,003,336 | ---- | C] () -- C:\Program Files (x86)\eurobattle.reg
[2011/09/19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll

========== LOP Check ==========

[2012/05/05 12:33:14 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\DAEMON Tools Pro
[2012/05/02 01:46:34 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\ESET
[2012/05/22 16:13:42 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\HD Tune Pro
[2012/05/02 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\SplitMediaLabs
[2012/05/14 21:32:29 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\TS3Client
[2012/05/22 13:28:47 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\uTorrent
[2009/07/14 07:08:49 | 000,016,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/03/30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012/03/30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/09/29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/09/29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/05/08 00:14:27 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Adobe
[2012/05/02 14:17:43 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\ATI
[2012/05/05 12:33:14 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\DAEMON Tools Pro
[2012/05/22 13:10:21 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\DivX
[2012/05/02 01:46:34 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\ESET
[2012/05/22 16:13:42 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\HD Tune Pro
[2012/05/02 01:14:56 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Identities
[2012/05/02 08:30:17 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Macromedia
[2012/05/24 17:18:42 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Malwarebytes
[2009/07/14 09:54:32 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Media Center Programs
[2012/05/22 18:02:19 | 000,000,000 | --SD | M] -- C:\Users\Robko\AppData\Roaming\Microsoft
[2012/05/24 22:21:42 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\Skype
[2012/05/02 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\SplitMediaLabs
[2012/05/14 21:32:29 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\TS3Client
[2012/05/22 13:28:47 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\uTorrent
[2012/05/02 10:01:04 | 000,000,000 | ---D | M] -- C:\Users\Robko\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012/05/22 18:02:19 | 000,010,134 | R--- | M] () -- C:\Users\Robko\AppData\Roaming\Microsoft\Installer\{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/05/02 11:33:51 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012/05/02 11:33:51 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2012/02/28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012/05/02 11:33:52 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job >
[2012/05/24 22:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/05/24 08:27:00 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000Core.job
[2012/05/24 22:27:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/05/02 11:33:51 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012/05/02 11:33:51 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2012/02/28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012/05/02 11:33:52 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/05/24 07:48:45 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2012/05/22 13:26:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Robko\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/05/02 08:22:10 | 000,116,648 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/04/05 11:41:28 | 017,356,424 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2012/04/26 14:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd)
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2012/05/05 14:13:21 | 001,242,448 | ---- | M] (Valve Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/05/02 11:33:52 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/05/24 22:24:57 | 000,000,512 | ---- | M] () MD5=F4E4C299EB864D2134F67B5AB75F68B3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/05/03 14:13:40 | 032,914,462 | ---- | M] () -- \Users\Robko\Downloads\Battlefield.3.CRACK.ONLY-RELOADED.rar

< *keygen* /s >

< *loader* /s >
[2012/05/02 16:30:09 | 002,070,207 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2010/02/09 23:23:12 | 000,003,026 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/02/09 23:23:14 | 000,004,261 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010/10/10 08:34:58 | 002,639,424 | ---- | M] () -- \$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Launcher (DO NOT USE)\BackgroundDownloader.exe
[2011/09/25 22:18:06 | 000,098,816 | ---- | M] () -- \Program Files (x86)\euroloader.exe
[2011/05/06 17:47:43 | 000,000,046 | ---- | M] () -- \Program Files (x86)\euroloader.txt
[2012/05/19 19:27:53 | 000,000,147 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010/08/05 15:33:12 | 000,034,304 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.3\KLoaderWin32.exe
[2011/07/06 11:55:18 | 000,064,352 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.3\PhysXLoader.dll
[2011/09/25 22:18:06 | 000,098,816 | ---- | M] () -- \Program Files (x86)\Warcraft III\euroloader.exe
[2012/05/09 19:13:00 | 000,001,784 | ---- | M] () -- \Program Files (x86)\Warcraft III\Euroloader.lnk
[2011/05/06 17:47:43 | 000,000,046 | ---- | M] () -- \Program Files (x86)\Warcraft III\euroloader.txt
[2012/05/19 18:17:28 | 006,396,128 | ---- | M] () -- \Program Files (x86)\World of Warcraft\BackgroundDownloader.exe
[2012/05/19 19:28:09 | 000,001,166 | ---- | M] () -- \Program Files (x86)\World of Warcraft\Logs\Downloader.log
[2010/12/05 23:26:43 | 000,004,068 | ---- | M] () -- \Program Files\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2010/12/05 23:26:43 | 000,065,664 | ---- | M] () -- \Program Files\Need For Speed World\Data\GFX\_RadialFlareLoader_Double_I1.dds
[2010/12/05 23:26:43 | 000,001,152 | ---- | M] () -- \Program Files\Need For Speed World\Data\GFX\_RadialFlareLoader_Double_I4.dds
[2012/02/17 20:55:09 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012/05/02 16:30:09 | 002,070,207 | ---- | M] () -- \Program Files\World of Warcraft wotlk\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2010/02/09 23:23:12 | 000,003,026 | ---- | M] () -- \Program Files\World of Warcraft wotlk\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/02/09 23:23:14 | 000,004,261 | ---- | M] () -- \Program Files\World of Warcraft wotlk\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010/10/10 08:34:58 | 002,639,424 | ---- | M] () -- \Program Files\World of Warcraft wotlk\Launcher (DO NOT USE)\BackgroundDownloader.exe
[2012/03/26 10:12:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/03/26 10:12:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/03/26 10:12:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/03/26 10:12:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/05/11 11:28:19 | 000,010,519 | ---- | M] () -- \Users\Robko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZAJK8PB\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012/05/11 11:28:19 | 000,000,652 | ---- | M] () -- \Users\Robko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQUTIYME\AdLoader[1].htm
[2012/05/06 18:37:23 | 000,010,364 | ---- | M] () -- \Users\Robko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WJ5MC8VI\AdLoader-31f86c1d55aec17be3f2a203a8e4fb19.min[1].js
[2012/04/30 14:14:26 | 000,009,051 | ---- | M] () -- \Users\Robko\AppData\Roaming\DAEMON Tools Pro\MediaInfo\img\loader.gif
[2012/04/30 14:14:26 | 000,016,119 | ---- | M] () -- \Users\Robko\AppData\Roaming\DAEMON Tools Pro\MediaInfo\img\logo_loader_page.jpg
[2012/04/30 14:14:26 | 000,018,434 | ---- | M] () -- \Users\Robko\AppData\Roaming\DAEMON Tools Pro\MediaInfo\img\logo_loader_page.png
[2012/04/30 14:14:26 | 000,009,283 | ---- | M] () -- \Users\Robko\AppData\Roaming\DAEMON Tools Pro\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012/04/30 14:14:26 | 000,001,699 | ---- | M] () -- \Users\Robko\AppData\Roaming\DAEMON Tools Pro\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012/05/09 19:28:18 | 000,001,969 | ---- | M] () -- \Users\Robko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Euroloader.lnk
[2012/05/09 19:28:18 | 000,002,005 | ---- | M] () -- \Users\Robko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobattle.net\Euroloader.lnk
[2012/05/08 23:03:25 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012/05/24 21:23:21 | 000,013,626 | ---- | M] () -- \Windows\Prefetch\EUROLOADER.EXE-17AB2ACC.pf
[2010/11/20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010/11/20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/02/02 15:15:04 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012/02/02 15:15:04 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 09:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 09:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 09:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 09:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 09:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/05/22 13:26:41 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/05/22 13:26:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/05/22 13:26:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/05/22 13:26:41 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/05/22 13:26:41 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 09:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[robbieknn]

Extrax.txt:

OTL Extras logfile created on: 24. 5. 2012 22:23:54 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Robko\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,96 Gb Total Physical Memory | 4,98 Gb Available Physical Memory | 62,61% Memory free
15,91 Gb Paging File | 12,44 Gb Available in Paging File | 78,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 219,28 Gb Free Space | 47,09% Space Free | Partition Type: NTFS
Drive E: | 1,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ROBKOO | User Name: Robko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14F0764B-B0D9-434B-BFDF-925252146C7E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1893EE37-9BC1-4F56-A5E0-7583B65FFB0A}" = rport=139 | protocol=6 | dir=out | app=system |
"{2E13C3F5-306A-4846-BC00-2B654FA624AA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3557105E-29A0-413F-ABB6-5C67B75DC185}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{37F4FBEC-6F8C-4881-8B8C-D18681139A48}" = lport=445 | protocol=6 | dir=in | app=system |
"{4EC11E59-2427-4E47-A272-7ED29B8C4D75}" = rport=137 | protocol=17 | dir=out | app=system |
"{5527D179-0399-4A35-9039-8BA1EF7B3A39}" = lport=139 | protocol=6 | dir=in | app=system |
"{55735BAE-3477-4382-A8FE-342BE4926C76}" = rport=138 | protocol=17 | dir=out | app=system |
"{7963BAFE-8C4B-4AE3-A10A-1FF2E965E85C}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D948678-CAC7-42BB-93AB-13BABAC15A80}" = rport=445 | protocol=6 | dir=out | app=system |
"{80C70C73-E3EE-4CB0-A525-958649B5A0AF}" = lport=137 | protocol=17 | dir=in | app=system |
"{83D91117-81B8-4C26-81F8-788A32594718}" = rport=10243 | protocol=6 | dir=out | app=system |
"{895F2F26-3FDA-4AD7-925C-6A48988A1A9B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{AFB37C79-75E3-478F-83D1-2E6AE3DC68B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC10EDB9-0973-4964-AD99-730FB7217D88}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD4442A0-3279-4AB1-8889-6C153545206D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C56455C4-8205-42B2-A17F-83864E6F3C70}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C96E1B0C-681A-4184-B295-404BF5DB4826}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D714A1F5-2FEF-4BD8-9F02-4BCC242FAB88}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DCF59D33-2B98-4607-83EA-0DEA8EA24858}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E052C31D-0B25-491F-9EA2-8AD03FFAE402}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1DB79D0-DBF2-47B9-8D70-BAAA6C77243F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01106679-1A6F-4FB3-B503-C168E992B9CE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{0213CB52-83F5-4E2B-9572-A9A49E25ECC7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0453B00A-5F4D-463B-804E-FA85019461F3}" = protocol=58 | dir=in | app=system |
"{069C977D-7A0C-46AD-93BB-CEEBF8E24EE2}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{0FB4E4FD-53C9-4A2A-95E3-96B0B401B3E4}" = protocol=17 | dir=in | app=c:\program files\battlefield 3\battlefield 3™\bf3.exe |
"{13D65FBB-DB17-4483-A437-9BCA53B22ABC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{17BE8C98-0D31-436E-AB1C-256A585ACB64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1A3B5DE9-F08B-43E1-838F-2A38482A82FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2B800A64-C352-4712-B02E-6E5B406F9A71}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\ancias_carlos\counter-strike\hl.exe |
"{2C6EC85E-CE7B-42E7-81A9-05AF7DC73845}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3093315D-5EB1-4736-962A-FB516BE6A315}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{330C4AA8-E2D8-4ADE-BA0F-81D9BF7AC9CC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{33AD8BC0-4A17-41A7-8C9E-3A49ACA8587D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E35D4E2-EF3C-4CD5-BF5E-97EAA7815E92}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{518A2B68-D2B3-474D-9A0D-8CBEFF12856F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{53137CF1-12E5-4B8D-9CFB-52CDF18AB7E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57B1D7BB-7E33-4B41-8C90-307465A2B95C}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{5950B3FB-46A0-47A1-8DEF-906C8ACB0397}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5EC74228-2684-418D-B330-24F99728CA91}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ED1831B-659D-4B5A-9E87-85623DAED1C5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61F126D7-AF19-47C1-BE8A-AC1EBFE663B8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{71657162-1C6C-4AF1-9DAF-B43BCE8FCBB4}" = protocol=6 | dir=out | app=system |
"{72636D27-B08C-40D6-B5EA-1C97B4044417}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7BE69BBC-0748-402E-81D8-808D04CAAFB4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7D022CC4-2992-427B-B279-80708619B937}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7D7FA838-2576-46DE-973C-44D5D2EB3DE6}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{81649029-52E2-455E-AB8E-DFA2AD6B8DEA}" = protocol=6 | dir=in | app=c:\program files\need for speed the run\need for speed the run.exe |
"{8B00B12C-4A31-4C68-A7BE-F04B6E52F1EE}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{8B773456-5856-4CC7-B9F8-14EE791F5AA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\ancias_carlos\counter-strike\hl.exe |
"{93039291-5FB5-4D5D-B589-01F17A156E13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{934776C8-458E-41D2-896F-B26005E2096B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{967FE83F-5B56-4496-8A20-F5260AB8576A}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{B0ED2DE3-282C-4074-BDF6-FAE0FEF49FF1}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{BCF5CF97-7D97-4007-A7BC-580A4CA241E6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C2D0A7A0-84E3-47B9-B510-0CF365A18A18}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4D32708-D3D0-4B02-A27F-8E1A0DD8EBD0}" = protocol=6 | dir=in | app=c:\program files\battlefield 3\battlefield 3™\bf3.exe |
"{C86B0981-4DE3-4DA4-BC28-79FD84851D54}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{D79ECC44-B211-4211-BD17-A7C25219BC91}" = protocol=17 | dir=in | app=c:\program files\need for speed the run\need for speed the run.exe |
"{DE165DB7-497B-4431-9618-CCBA8B8F8F79}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E67D30DB-CE47-4F96-B874-DC85CB62455C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EADEC630-7FA9-41AD-B3AE-4CC2CFB11848}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EE45819B-0DC9-4B43-98B1-635E1E31CB06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{303D4148-8E3B-42AD-B313-53E6A170AFD1}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{489FDA4B-FF2E-4558-ACA8-49F6E3B998D6}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{FCF54759-8971-4AD3-AF7A-15725CF2AF2E}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{21D4D8CE-A827-4EB1-BBAC-241AA55C0D88}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{C57CA1BD-2B13-4B69-B4CE-3CAA3CFA1AD0}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{CAA2D6BF-5199-4A23-87C4-971940E88D43}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AFC919D-751B-A5D7-B17D-7C0067A65D2E}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85AC4D00-5264-4FFE-B7DB-2E2D373CC45E}" = ESET Smart Security
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{A810DDAA-774D-8EE3-94E9-A4DD2DE008A0}" = ccc-utility64
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6E3BFF1-C1CE-8560-2563-5538F43AA0A3}" = AMD Media Foundation Decoders
"{EEF3FF3A-ED17-260C-E6C8-5089D43BD3CE}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE0E0750-F77B-C8E3-3734-E71CC0CF0DA3}" = AMD Accelerated Video Transcoding
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.3.0
"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}" = Need for Speed™ The Run
"{12EC39F2-AD04-F6AF-418F-FA75C60AF3B7}" = Catalyst Control Center Graphics Previews Common
"{12F3F8B2-2DF5-BFF7-F636-CC24AC864339}" = CCC Help Finnish
"{17A9B4DC-73C9-8BD4-0B1E-3878F869E0D2}" = CCC Help English
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19F89153-1BF6-0962-264A-E254FFF2210C}" = CCC Help Swedish
"{1A8BCAD3-6F77-7333-62F1-0B31183D57A4}" = CCC Help Japanese
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2AD567C9-7B27-9D9E-D7CD-24F0C3A92868}" = CCC Help Italian
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3734E29B-B370-1A68-D3F0-98AECB1D05CD}" = CCC Help Turkish
"{3AECBB89-C281-CD75-12C5-25EDD00B2213}" = CCC Help Greek
"{3B410D6A-2EA5-4C58-350E-069702C2997C}" = CCC Help Spanish
"{3B848D8C-8153-A2CA-4A75-327C9A0A6E2C}" = CCC Help Dutch
"{41910260-4532-4734-8181-3E8AFDBB05D7}" = EasyBoost
"{44D4BDB1-4108-13BD-3A7C-4915F6116601}" = Catalyst Control Center Localization All
"{59557396-8012-0BA2-CD9B-F043D188B6C9}" = CCC Help Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64029508-2587-4D39-AB83-2AC722FBFCC2}" = XSplit
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6C6E3C68-682E-9998-51C1-0BDE801E22E6}" = CCC Help French
"{6C79E543-0989-FFAA-0C31-6518107D1596}" = CCC Help Norwegian
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{87F7BAD4-4ED2-1412-CD54-696D6EADD889}" = CCC Help Czech
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8EE1E061-9FB4-F6DE-5BC0-0F7C5BE1E63A}" = Catalyst Control Center InstallProxy
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E95E74A-970D-163A-51CC-6FA941B2DD45}" = CCC Help German
"{A4B3E67A-8CED-E584-7C23-0F63BFC8DAB4}" = CCC Help Thai
"{AA9DF51B-5528-7554-E8F6-450407B20244}" = CCC Help Chinese Standard
"{ABBFF208-7D49-FBA1-5388-83FD2B059DA1}" = CCC Help Polish
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{B812A0C9-44F2-E6B0-88F1-9FA6142857D9}" = CCC Help Danish
"{C90C86D7-957C-F094-4843-D387FDB320B0}" = Catalyst Control Center
"{DC18093A-53D6-5601-15F3-28831A5CBC99}" = CCC Help Korean
"{E351EA86-8E19-2B52-22F0-3A1DF4093D0C}" = CCC Help Hungarian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F76CA8E9-0673-62CE-D37A-6EA2CF7D7159}" = CCC Help Russian
"{F8303282-5E82-9492-E08B-8B8C0FDC3B14}" = CCC Help Chinese Traditional
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.2.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30
"DAEMON Tools Pro" = DAEMON Tools Pro
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eurobattle.net1.26" = Eurobattle.net
"HD Tune Pro_is1" = HD Tune Pro 5.00
"InstallShield_{41910260-4532-4734-8181-3E8AFDBB05D7}" = EasyBoost
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.61.0.1400
"Searchqu Toolbar" = Searchqu Toolbar
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"uTorrent" = µTorrent
"Warcraft III Reign of Chaos & The Frozen Throne" = Warcraft III Reign of Chaos & The Frozen Throne
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23. 5. 2012 5:53:49 | Computer Name = Robkoo | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 23. 5. 2012 5:54:17 | Computer Name = Robkoo | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\world
of warcraft\gta iv pc version\Crack\GTAIV.exe". Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 23. 5. 2012 7:35:16 | Computer Name = Robkoo | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: RSITx64 (1).exe, verzia: 3.3.6.1, časová
značka: 0x4bc81628 Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17725, časová
značka: 0x4ec4aa8e Kód výnimky: 0xc0000005 Odstup chyby: 0x000000000009970a Identifikácia
chybného procesu: 0x10b0 Čas spustenia chybnej aplikácie: 0x01cd38d81f24b6cb Cesta
chybnej aplikácie: C:\Users\Robko\Downloads\RSITx64 (1).exe Cesta chybného modulu:
C:\Windows\SYSTEM32\ntdll.dll Identifikácia hlásenia: 5dc3cb31-a4cb-11e1-9d53-8c89a5c389e6

Error - 24. 5. 2012 1:46:52 | Computer Name = Robkoo | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: SearchIndexer.exe, verzia: 7.0.7601.17610,
časová značka: 0x4dc0d019 Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17725,
časová značka: 0x4ec4aa8e Kód výnimky: 0xc0000005 Odstup chyby: 0x000000000009970a
Identifikácia
chybného procesu: 0xa68 Čas spustenia chybnej aplikácie: 0x01cd39709c170aa6 Cesta
chybnej aplikácie: C:\Windows\system32\SearchIndexer.exe Cesta chybného modulu:
C:\Windows\SYSTEM32\ntdll.dll Identifikácia hlásenia: dc57fd87-a563-11e1-8c04-8c89a5c389e6

Error - 24. 5. 2012 1:52:35 | Computer Name = Robkoo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 24. 5. 2012 1:52:35 | Computer Name = Robkoo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 24. 5. 2012 2:23:52 | Computer Name = Robkoo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 24. 5. 2012 2:23:52 | Computer Name = Robkoo | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 24. 5. 2012 2:44:22 | Computer Name = Robkoo | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 24. 5. 2012 2:44:46 | Computer Name = Robkoo | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\world
of warcraft\gta iv pc version\Crack\GTAIV.exe". Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 19. 5. 2012 18:24:53 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7000
Description = Spustenie služby AMD External Events Utility zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 22. 5. 2012 5:11:54 | Computer Name = Robkoo | Source = DCOM | ID = 10010
Description =

Error - 23. 5. 2012 3:16:51 | Computer Name = Robkoo | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.127.390.0).

Error - 23. 5. 2012 4:52:41 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Intel(R) Capability Licensing Service
Interface bol dosiahnutý časový limit (30000 ms).

Error - 23. 5. 2012 4:52:41 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Intel(R) Capability Licensing Service Interface zlyhalo
kvôli nasledujúcej chybe: %%1053

Error - 24. 5. 2012 1:44:56 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby AMD External Events Utility bol
dosiahnutý časový limit (30000 ms).

Error - 24. 5. 2012 1:44:56 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7000
Description = Spustenie služby AMD External Events Utility zlyhalo kvôli nasledujúcej
chybe: %%1053

Error - 24. 5. 2012 1:46:54 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 24. 5. 2012 1:47:22 | Computer Name = Robkoo | Source = DCOM | ID = 10010
Description =

Error - 24. 5. 2012 1:47:24 | Computer Name = Robkoo | Source = Service Control Manager | ID = 7032
Description = Správca riadenia služieb sa po neočakávanom ukončení služby Windows
Search pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala
s nasledujúcou chybou: %%1056


< End of report >

[vyosek]

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

• C:\Users\Robko\Desktop\wc3isk21rc7.exe
  c:\Program Files (x86)\euroloader.exe
• Kliknete na Choose file
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Kliknete na Scan It
• Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
  
• Vysledek analyzy sem vlozte (jako odkaz)

[robbieknn]

wc3isk21rc7.exe:
https://www.virustotal.com/file/5a160af ... 337934693/

euroloader.exe:
https://www.virustotal.com/file/619b095 ... 337934837/

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
  IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
  IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 01 EE 37 56 2C CD 01 [binary data]
  IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
  IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  IE - HKU\S-1-5-21-4281489848-558699572-1819806651-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
  O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
  O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
  O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
  O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
  O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
  O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
  O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
  O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [15 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
  [2012/05/24 22:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2012/05/24 08:27:00 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000Core.job
  [2012/05/24 22:27:00 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000UA.job
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  "Skype"=-
  "DAEMON Tools Pro Agent"=-
  "Steam"=-
  
  :files
  c:\$Recycle.Bin
  C:\Program Files (x86)\Searchqu Toolbar
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[robbieknn]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-4281489848-558699572-1819806651-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-4281489848-558699572-1819806651-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4281489848-558699572-1819806651-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-4281489848-558699572-1819806651-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\ deleted successfully.
C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}\ deleted successfully.
C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3774.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDBCE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4D65.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF8B0.tmp folder deleted successfully.
C:\Windows\Temp\DMI250C.tmp deleted successfully.
C:\Windows\Temp\DMI3967.tmp deleted successfully.
C:\Windows\Temp\DMI6132.tmp deleted successfully.
C:\Windows\Temp\DMIA0E.tmp deleted successfully.
C:\Windows\Temp\TS_1798.tmp deleted successfully.
C:\Windows\Temp\TS_1B22.tmp deleted successfully.
C:\Windows\Temp\TS_1F16.tmp deleted successfully.
C:\Windows\Temp\TS_2705.tmp deleted successfully.
C:\Windows\Temp\TS_2947.tmp deleted successfully.
C:\Windows\Temp\TS_2E09.tmp deleted successfully.
C:\Windows\Temp\TS_34AE.tmp deleted successfully.
C:\Windows\Temp\TS_7CD.tmp deleted successfully.
C:\Windows\Temp\TS_D98.tmp deleted successfully.
C:\Windows\Temp\UDDA47F.tmp deleted successfully.
C:\Windows\Temp\UDDB1F0.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281489848-558699572-1819806651-1000UA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
========== FILES ==========
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RSALUAB\enGB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RSALUAB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RPY8BIY folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RMUDVLQ folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RLNWPAD\enGB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RLNWPAD folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\SOOSY\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\SOOSY\EU Arena-tournament.com 3.3.5\Khallico\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\SOOSY\EU Arena-tournament.com 3.3.5\Khallico folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\SOOSY\EU Arena-tournament.com 3.3.5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\SOOSY folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Picujebal\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Picujebal folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxz\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxz folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxxzz\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxxzz folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxx\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissxx folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissr\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissr folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissix\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Brissix folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Briss\SavedVariables folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5\Briss folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX\EU Arena-tournament.com 3.3.5 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account\BRISSIX folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF\Account folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\WTF folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Screenshots folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Logs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Launcher (DO NOT USE) folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\widgets folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\panels folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\localization folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\libs\LibSharedMedia-3.0 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\libs\CallbackHandler-1.0 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config\libs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC_Config folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC\localization folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC\libs\LibStub folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC\libs\Classy-1.0 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC\libs folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC\effects folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\OmniCC folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\InterruptBar\backup folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\InterruptBar folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_TrainerUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_TradeSkillUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_TokenUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_TimeManager folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_TalentUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_RaidUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_MacroUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_ItemSocketingUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_InspectUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_GuildBankUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_GMSurveyUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_GMChatUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_GlyphUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_DebugTools folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_CombatText folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_CombatLog folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_Calendar folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_BindingUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_BattlefieldMinimap folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_BarbershopUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_AuctionUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_ArenaUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns\Blizzard_AchievementUI folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface\AddOns folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Interface folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Errors folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Interface\Cinematics folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Interface folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\Troubleshooting folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\Support folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\ReadMe folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\Layout folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\images\titles folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\images\buttons folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation\images folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB\Documentation folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data\enGB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Data folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Cache\WDB\enGB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Cache\WDB folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3\Cache folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$RKAI2D3 folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$R3HOXOE\models folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000\$R3HOXOE folder moved successfully.
c:\$Recycle.Bin\S-1-5-21-4281489848-558699572-1819806651-1000 folder moved successfully.
c:\$Recycle.Bin\S-1-5-20 folder moved successfully.
c:\$Recycle.Bin folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\components folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Robko
->Temp folder emptied: 94736171 bytes
->Temporary Internet Files folder emptied: 637611039 bytes
->Google Chrome cache emptied: 387804424 bytes
->Flash cache emptied: 18115 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 165001691 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46356791 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 270,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Robko
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.43.1 log created on 05262012_014841

Files\Folders moved on Reboot...
C:\Users\Robko\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...