VIRY.CZ

Dobrý den.

Poprosil bych Vás o kontrolu logu. Předem děkuji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by My at 2012-11-30 20:45:34
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 37 GB (48%) free of 76 GB
Total RAM: 3071 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:40, on 30.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\explorer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\My\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\My\Desktop\RSIT.exe
C:\Program Files\trend micro\My.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15187
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\My\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [] D:\Program Files\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-801721396-2043881397-985488794-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-801721396-2043881397-985488794-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - D:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe

--
End of file - 7246 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default

prefs.js - "browser.startup.homepage" - "http://eu.ask.com/?l=dis&o=15187"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.132.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.132.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=D:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 3117344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\My\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-17 116648]
""=D:\Program Files\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-11-12 1104824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-06-25 1073352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
D:\Program Files\Kies\KiesAirMessage.exe [2012-11-01 577536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
D:\Program Files\Kies\Kies.exe [2012-11-12 968120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\Program Files\Kies\KiesTrayAgent.exe [2012-11-12 309688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacTypeTray]
C:\Program Files\MacType\MacTray.exe [2012-04-06 604160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe [2012-07-21 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.vorbis"=vorbis.acm
"vidc.x264"=D:\PROGRA~1\x264vfw\x264vfw.dll
"msacm.lameacm"=LameACM.acm
"VIDC.RTV1"=rtvcvfw32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open -

======List of files/folders created in the last 1 month======

2012-11-30 20:45:34 ----D---- C:\rsit
2012-11-30 20:45:34 ----D---- C:\Program Files\trend micro
2012-11-24 22:35:06 ----D---- C:\ProgramData\TEMP
2012-11-24 22:35:06 ----D---- C:\ProgramData\AutoUpdate
2012-11-23 17:49:10 ----D---- C:\Program Files\NVIDIA 3D Vision driver
2012-11-23 17:49:01 ----D---- C:\Program Files\AGEIA Technologies
2012-11-23 17:44:22 ----A---- C:\Windows\system32\nvopencl.dll
2012-11-23 17:44:22 ----A---- C:\Windows\system32\nvoglv32.dll
2012-11-23 17:44:22 ----A---- C:\Windows\system32\nvcuvid.dll
2012-11-23 17:44:21 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-11-23 17:44:21 ----A---- C:\Windows\system32\nvcuda.dll
2012-11-23 17:44:21 ----A---- C:\Windows\system32\nvcompiler.dll
2012-11-23 17:44:21 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-11-22 20:23:07 ----A---- C:\Windows\system32\dgderapi.dll
2012-11-22 20:04:02 ----D---- C:\Program Files\PdaNet for Android
2012-11-22 17:09:20 ----D---- C:\Users\My\AppData\Roaming\Theta
2012-11-21 16:44:06 ----D---- C:\Program Files\Common Files\Skype
2012-11-18 05:49:52 ----A---- C:\Windows\system32\nvStreaming.exe
2012-11-14 12:47:49 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-11-14 12:47:49 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-11-14 12:47:48 ----A---- C:\Windows\system32\Wdfres.dll
2012-11-14 12:47:17 ----A---- C:\Windows\system32\WUDFSvc.dll
2012-11-14 12:47:17 ----A---- C:\Windows\system32\WUDFPlatform.dll
2012-11-14 12:47:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2012-11-14 12:47:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2012-11-14 12:47:16 ----A---- C:\Windows\system32\WUDFx.dll
2012-11-14 12:47:16 ----A---- C:\Windows\system32\WUDFHost.exe
2012-11-14 12:47:16 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2012-11-14 12:46:50 ----A---- C:\Windows\system32\vbscript.dll
2012-11-14 12:46:50 ----A---- C:\Windows\system32\mshtmled.dll
2012-11-14 12:46:50 ----A---- C:\Windows\system32\jsproxy.dll
2012-11-14 12:46:49 ----A---- C:\Windows\system32\msfeeds.dll
2012-11-14 12:46:49 ----A---- C:\Windows\system32\ieUnatt.exe
2012-11-14 12:46:49 ----A---- C:\Windows\system32\ieui.dll
2012-11-14 12:46:48 ----A---- C:\Windows\system32\wininet.dll
2012-11-14 12:46:48 ----A---- C:\Windows\system32\url.dll
2012-11-14 12:46:48 ----A---- C:\Windows\system32\jscript9.dll
2012-11-14 12:46:48 ----A---- C:\Windows\system32\jscript.dll
2012-11-14 12:46:47 ----A---- C:\Windows\system32\iertutil.dll
2012-11-14 12:46:46 ----A---- C:\Windows\system32\urlmon.dll
2012-11-14 12:46:44 ----A---- C:\Windows\system32\ieframe.dll
2012-11-14 12:46:41 ----A---- C:\Windows\system32\mshtml.dll
2012-11-14 08:52:22 ----A---- C:\Windows\system32\win32k.sys
2012-11-14 08:52:21 ----A---- C:\Windows\system32\synceng.dll
2012-11-14 08:52:19 ----A---- C:\Windows\system32\ncsi.dll
2012-11-14 08:52:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-11-14 08:52:18 ----A---- C:\Windows\system32\nlasvc.dll
2012-11-14 08:52:18 ----A---- C:\Windows\system32\nlaapi.dll
2012-11-14 08:52:18 ----A---- C:\Windows\system32\netevent.dll
2012-11-14 08:52:18 ----A---- C:\Windows\system32\netcorehc.dll
2012-11-14 08:52:18 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-11-14 08:52:18 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-11-14 08:52:12 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-11-14 08:52:12 ----A---- C:\Windows\system32\dhcpcore6.dll
2012-11-12 21:07:26 ----D---- C:\ProgramData\CanonIJ
2012-11-12 21:07:18 ----D---- C:\Users\My\AppData\Roaming\Canon
2012-11-12 20:04:45 ----HD---- C:\ProgramData\CanonIJEPPEX
2012-11-12 20:04:32 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2012-11-12 20:04:31 ----HD---- C:\ProgramData\CanonIJEPPEX2
2012-11-12 20:04:31 ----HD---- C:\ProgramData\CanonEPP
2012-11-12 20:04:24 ----HD---- C:\ProgramData\CanonIJMyPrinter
2012-11-12 20:03:54 ----D---- C:\ProgramData\CanonIJPLM
2012-11-12 19:58:25 ----D---- C:\ProgramData\CanonIJMSetup
2012-11-12 19:56:23 ----D---- C:\Program Files\Common Files\CANON
2012-11-12 19:56:06 ----D---- C:\ProgramData\CanonIJWSpt
2012-11-12 19:53:33 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2012-11-12 19:53:29 ----A---- C:\Windows\system32\CNHMCA.dll
2012-11-12 19:53:29 ----A---- C:\Windows\system32\CNC280U.dll
2012-11-12 19:53:29 ----A---- C:\Windows\system32\CNC280L.dll
2012-11-12 19:53:29 ----A---- C:\Windows\system32\CNC280I.dll
2012-11-12 19:53:29 ----A---- C:\Windows\system32\CNC280C.dll
2012-11-12 19:53:09 ----A---- C:\Windows\system32\CNMLMAA.DLL
2012-11-12 19:53:02 ----A---- C:\Windows\system32\CNC280O.dll
2012-11-12 19:52:59 ----A---- C:\Windows\system32\CNMIUAA.DLL
2012-11-12 19:52:49 ----HD---- C:\Program Files\CanonBJ
2012-11-12 19:52:09 ----D---- C:\Program Files\Canon
2012-11-08 15:13:46 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-11-05 22:21:51 ----D---- C:\ProgramData\YTD Video Downloader
2012-11-05 22:21:47 ----D---- C:\Program Files\GreenTree Applications
2012-11-04 18:18:32 ----D---- C:\Program Files\Dokan
2012-11-02 19:21:25 ----D---- C:\Users\My\AppData\Roaming\vlc

======List of files/folders modified in the last 1 month======

2012-11-30 20:45:40 ----D---- C:\Windows\Prefetch
2012-11-30 20:45:36 ----D---- C:\Windows\Temp
2012-11-30 20:45:34 ----RD---- C:\Program Files
2012-11-30 20:44:27 ----D---- C:\Users\My\AppData\Roaming\uTorrent
2012-11-30 20:12:38 ----D---- C:\Windows\Minidump
2012-11-30 20:12:38 ----D---- C:\ProgramData\NVIDIA
2012-11-30 20:12:24 ----D---- C:\Windows
2012-11-30 19:56:14 ----D---- C:\Users\My\AppData\Roaming\Skype
2012-11-30 14:32:48 ----D---- C:\Windows\system32\config
2012-11-28 11:18:06 ----D---- C:\Windows\winsxs
2012-11-28 11:18:01 ----D---- C:\Windows\AppPatch
2012-11-28 11:17:52 ----SHD---- C:\System Volume Information
2012-11-28 11:07:13 ----D---- C:\Windows\system32\catroot
2012-11-28 11:07:11 ----D---- C:\Windows\system32\catroot2
2012-11-24 22:35:06 ----HD---- C:\ProgramData
2012-11-24 20:56:27 ----D---- C:\Users\My\AppData\Roaming\wargaming.net
2012-11-24 09:56:33 ----D---- C:\Windows\system32\NDF
2012-11-23 18:34:13 ----D---- C:\Windows\System32
2012-11-23 17:52:26 ----D---- C:\Windows\inf
2012-11-23 17:50:36 ----D---- C:\Windows\system32\DriverStore
2012-11-23 17:49:17 ----D---- C:\Program Files\NVIDIA Corporation
2012-11-23 17:49:03 ----SHD---- C:\Windows\Installer
2012-11-23 17:46:13 ----D---- C:\Windows\system32\drivers
2012-11-23 16:00:15 ----D---- C:\Users\My\AppData\Roaming\Audacity
2012-11-23 14:19:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-11-22 20:26:55 ----D---- C:\Users\My\AppData\Roaming\Samsung
2012-11-22 20:24:34 ----D---- C:\Windows\Microsoft.NET
2012-11-22 20:23:05 ----HD---- C:\Program Files\InstallShield Installation Information
2012-11-22 20:22:27 ----D---- C:\ProgramData\Samsung
2012-11-22 16:28:55 ----D---- C:\temp
2012-11-22 16:28:54 ----D---- C:\Windows\system32\directx
2012-11-22 16:28:54 ----D---- C:\Windows\Logs
2012-11-22 15:54:09 ----D---- C:\Users\My\AppData\Roaming\DAEMON Tools Lite
2012-11-22 15:15:47 ----D---- C:\Program Files\Battlelog Web Plugins
2012-11-21 16:44:11 ----D---- C:\ProgramData\Skype
2012-11-21 16:44:06 ----RD---- C:\Program Files\Skype
2012-11-21 16:44:06 ----D---- C:\Program Files\Common Files
2012-11-18 17:22:01 ----A---- C:\Windows\system32\nvwgf2um.dll
2012-11-18 17:22:01 ----A---- C:\Windows\system32\nvdispgenco32.dll
2012-11-18 17:22:01 ----A---- C:\Windows\system32\nvdispco32.dll
2012-11-18 17:22:01 ----A---- C:\Windows\system32\nvd3dum.dll
2012-11-18 17:22:01 ----A---- C:\Windows\system32\nvapi.dll
2012-11-18 13:49:59 ----A---- C:\Windows\system32\nvsvc.dll
2012-11-18 13:49:56 ----A---- C:\Windows\system32\nvcpl.dll
2012-11-18 13:49:51 ----A---- C:\Windows\system32\nvvsvc.exe
2012-11-18 13:49:51 ----A---- C:\Windows\system32\nvsvcr.dll
2012-11-18 13:49:51 ----A---- C:\Windows\system32\nvshext.dll
2012-11-18 13:49:51 ----A---- C:\Windows\system32\nvmctray.dll
2012-11-16 20:44:19 ----D---- C:\Windows\rescache
2012-11-14 14:53:50 ----RSD---- C:\Windows\assembly
2012-11-14 13:47:43 ----RSD---- C:\Windows\Fonts
2012-11-14 13:47:42 ----D---- C:\Windows\system32\migration
2012-11-14 13:47:42 ----D---- C:\Windows\system32\en-US
2012-11-14 13:47:42 ----D---- C:\Windows\system32\cs-CZ
2012-11-14 13:47:42 ----D---- C:\Windows\PolicyDefinitions
2012-11-14 13:47:41 ----D---- C:\Windows\system32\wbem
2012-11-14 13:47:41 ----D---- C:\Windows\system32\drivers\en-US
2012-11-14 13:47:41 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-11-14 13:47:40 ----D---- C:\Windows\system32\sk-SK
2012-11-14 13:47:39 ----D---- C:\Program Files\Internet Explorer
2012-11-14 12:52:17 ----D---- C:\ProgramData\Microsoft Help
2012-11-14 12:48:56 ----D---- C:\Windows\debug
2012-11-14 12:48:51 ----A---- C:\Windows\system32\MRT.exe
2012-11-12 20:04:46 ----D---- C:\Windows\system32\FxsTmp
2012-11-12 20:00:53 ----RSD---- C:\Windows\Media
2012-11-12 20:00:49 ----D---- C:\Windows\twain_32
2012-11-09 14:18:24 ----D---- C:\ProgramData\Adobe
2012-11-09 14:18:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-11-03 19:29:53 ----D---- C:\Users\My\AppData\Roaming\FileZilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-02 242240]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 169080]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 95744]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 103112]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-04-02 47640]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 uxpatch;uxpatch; \??\C:\Windows\system32\drivers\uxpatch.sys [2009-07-13 25448]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-04-02 10144]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-02-25 25216]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-07-31 83168]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2010-09-22 32768]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\D:\Program Files\RealTemp_370\WinRing0.sys [2008-07-26 14416]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DokanMounter;DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2012-03-07 913144]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-11-18 645480]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-11-18 1259880]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-07-20 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-18 382824]
R2 UnsignedThemes;Unsigned Themes; C:\Windows\UnsignedThemesSvc.exe [2009-07-13 21096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-09 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CGVPNCliSrvc;CyberGhost VPN Client; D:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2011-12-06 2430128]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-21 655624]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-25 114144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-07-21 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-18 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-08 46528]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-08 139680]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Druhý log z RSIT:

info.txt logfile of random's system information tool 1.09 2012-11-30 20:45:42

======Uninstall list======

-->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
µTorrent-->"D:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.20-->"D:\Program Files\7-Zip\Uninstall.exe"
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Download Assistant-->msiexec /qb /x {C8773FDB-D0DB-BE52-D536-F48F9886B57B}
Adobe Download Assistant-->MsiExec.exe /I{C8773FDB-D0DB-BE52-D536-F48F9886B57B}
Adobe Dreamweaver CS6-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}"
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_110_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Manager-->msiexec /qb /x {AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Help Manager-->MsiExec.exe /I{AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Illustrator CS6-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{4869414E-7AEA-4C8E-BE1C-8D40977FD517}"
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe Muse-->msiexec /qb /x {767E6D85-365F-0C62-3CE4-15EBC76F5D7E}
Adobe Muse-->MsiExec.exe /I{767E6D85-365F-0C62-3CE4-15EBC76F5D7E}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS6-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Adobe Reader X (10.1.4) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Widget Browser-->msiexec /qb /x {EFBE6DD5-B224-96E5-72B9-68D328CB12A6}
Adobe Widget Browser-->MsiExec.exe /I{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
Aktualizace NVIDIA 1.11.3-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage Display.Update
ASIO4ALL-->D:\Program Files\ASIO4ALL v2\uninstall.exe
Assassin's Creed ® III-->\"C:\Program Files (x86)\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe\" -runfromtemp -l0x0019 -removeonly
Assassins Creed III version 5.1-->"D:\Program Files\Assassins Creed III\unins000.exe"
Audacity 2.0-->"D:\Program Files\Audacity\unins000.exe"
AviSynth 2.6-->"D:\Program Files\AviSynth 2.5\Uninstall.exe"
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_73c28da64803cefc\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_13826104cd8e800f\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_52F0DFAA648E25523CF0EE10FEDF6AC712ED34DB\pccsmcfd.inf
Battlefield 3™-->"C:\Program Files\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
Canon Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Easy-WebPrint EX-->"C:\Program Files\Canon\Easy-WebPrint EX\Maint.exe" /UninstallRemove C:\Program Files\Canon\Easy-WebPrint EX\uninst.ini
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
Canon MP Navigator EX 4.0-->"C:\Program Files\Canon\MP Navigator EX 4.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 4.0\uninst.ini
Canon MP280 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series /L0x0005
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Solution Menu EX-->"C:\Program Files\Canon\Solution Menu EX\uninst.exe" /UninstallRemove C:\Program Files\Canon\Solution Menu EX\uninst.ini
CCleaner-->"D:\Program Files\CCleaner\uninst.exe"
CoD 2 čeština 1.1-->"D:\Games\Call of Duty 2\Call of Duty 2\main\unins000.exe"
CyberGhost VPN-->"D:\Program Files\CyberGhost VPN\unins000.exe"
DAEMON Tools Lite-->D:\Program Files\DAEMON Tools Lite\uninst.exe
Deckadance-->D:\Program Files\Vstplugins\Deckadance\uninstall.exe
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{18636D65-B3A5-4B6A-A869-A2D57FAC2512}" "1029" "0"
DJ Java Decompiler v.3.12.12.96-->MsiExec.exe /I{0DB51EBE-ECD4-4308-A55C-3DFDC4E83814}
Dokan Library 0.6.0-->"C:\Program Files\Dokan\DokanLibrary\DokanUninstall.exe"
EPSON Printer Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
ESN Sonar-->C:\Program Files\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
FL Studio 10-->D:\Program Files\Image-Line\FL Studio 10\uninstall.exe
Flash Decompiler Trillix-->"D:\Program Files\Eltima Software\Flash Decompiler Trillix\unins000.exe"
Fraps (remove only)-->"D:\Program Files\Fraps\uninstall.exe"
Game Booster 3-->"D:\Program Files\IObit\Game Booster 3\unins000.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
High-Logic FontCreator 6.5-->"D:\Program Files\High-Logic FontCreator\unins000.exe"
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Java SE Development Kit 7 Update 5-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0170050}
JavaFX 2.1.1 SDK-->MsiExec.exe /X{2222706F-666A-4037-7777-211328764D10}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
Lame ACM MP3 Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\Windows\INF\LameACM.inf
MacType-->MsiExec.exe /I{BF1E3896-1CF9-4494-9633-165ED620E228}
Microsoft .NET Framework 4.5 CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5 CSY Language Pack-->MsiExec.exe /X{CF2FF2C3-3013-33E4-8413-92090A340FE1}
Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5-->MsiExec.exe /X{9F612429-4A00-3D44-88CF-146DA2EE1F92}
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{2304F942-79D2-46F7-A512-269A7F5B7EFC}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-0000-0000000FF1CE}" "{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-0000-0000000FF1CE}" "{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1029" "0"
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Mozilla Firefox 15.0 (x86 cs)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSI Afterburner 2.2.4-->"D:\Program Files\MSI Afterburner\uninstall.exe"
MSI Kombustor 2.4.2-->"D:\Program Files\MSI Kombustor 2.4\unins000.exe"
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT Redists-->MsiExec.exe /I{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NHL™ 09-->MsiExec.exe /X{827B97A9-B347-4110-9F89-37AF2B758F94}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{A57025CC-5F2E-4D01-B387-06DB10500D43}
Nokia PC Suite-->C:\ProgramData\Installations\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}\Nokia_PC_Suite_ALL.exe
Nokia PC Suite-->MsiExec.exe /I{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Ovladač 3D Vision 310.61-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.18.0-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 310.61-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 310.61-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.12.1031-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{9C0DED62-4364-4907-A26A-484BA5D704C7}\NVI2.DLL",UninstallPackage Display.PhysX
Opera 12.02-->"C:\Program Files\Opera\Opera.exe" /uninstall
Origin-->D:\Program Files\Origin\OriginUninstall.exe
Package: Galaxy Nexus ToolKit [JellyBean Edition]-->D:\Program Files\Galaxy Nexus ToolKit\Uninst.exe
Pazera Free MP4 to AVI Converter 1.6-->"D:\Program Files\pazera-software\MP4_to_AVI_Converter\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{644F4910-E812-49AD-93EC-86828CB81A0D}
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
PunkBuster Services-->C:\Windows\system32\pbsvc_bc2.exe -u
Registrace uživatele zařízení Canon MP280 series-->C:\Program Files\Canon\IJEREG\MP280 series\UNINST.EXE
Samsung Kies-->"C:\Program Files\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
SAMSUNG USB Driver for Mobile Phones-->D:\Program Files\Samsung Kies\USB Drivers\Uninstall.exe
Security Update for Microsoft .NET Framework 4.5 (KB2729460)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {D1A70159-3DBA-3290-AE90-90F1387B42C8}
Security Update for Microsoft .NET Framework 4.5 (KB2737083)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\setup.exe /uninstallpatch {C2CC4CC0-255B-307E-A5A3-53B4000F6701}
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{73CC972E-6ABF-456B-9E1E-BADC0E65B57A}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{D267D0F7-9770-467D-ACF3-FB2F7E0AC532}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{FDCB9E3E-FA40-40E9-AFF4-73BDE8E52205}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{ED57715B-D523-4EC9-854B-FB3E768E4349}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{CC39BA1F-7A25-440C-86A7-77E35D8CC88C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{87149E40-4C8B-4E16-8571-D54E9B817D0B}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{54A1B66B-F5B2-45AD-8B19-5F51A027A1B9}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{61461470-8168-4F4B-97B7-617AF354F028}" "1029" "0"
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{0A682BA4-3C78-42C3-8DDF-EB9A6ABE5535}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{4D8C4F20-7E4F-4068-A0A4-BF841D42693A}" "1029" "0"
SHIFT 2 UNLEASHED™-->MsiExec.exe /X{E8C37E27-5205-4C8A-BECB-B00533045AAE}
Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}
Sniper Elite V2-->"D:\Games\SniperEliteV2\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Sublime Text 2.0.1-->"D:\Program Files\Sublime Text 2\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
System Requirements Lab CYRI-->MsiExec.exe /I{943A8D28-80D6-41DC-AE94-81FEB42041BF}
TechPowerUp GPU-Z-->"D:\Program Files\GPU-Z\uninstall.exe"
The KMPlayer (remove only)-->"D:\Program Files\The KMPlayer\uninstall.exe"
The Sims™ 3 Diesel Каталог-->\"C:\Program Files\InstallShield Installation Information\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}\Sims3SP07Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Katy Perry Сладкие радости-->\"C:\Program Files\InstallShield Installation Information\{9B2506E3-9A3F-45B5-96BF-509CAD584650}\Sims3SP06Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 В сумерках-->\"C:\Program Files\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Все возрасты-->\"C:\Program Files\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Городская жизнь Каталог-->\"C:\Program Files\InstallShield Installation Information\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}\Sims3SP04Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Изысканная спальня Каталог-->\"C:\Program Files\InstallShield Installation Information\{08A25478-C5DD-4EA7-B168-3D687CA987FF}\Sims3SP05Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Карьера-->\"C:\Program Files\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Мир приключений-->\"C:\Program Files\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Отдых на природе Каталог-->\"C:\Program Files\InstallShield Installation Information\{117B6BF6-82C3-420C-B284-9247C8568E53}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Питомцы-->\"C:\Program Files\InstallShield Installation Information\{C12631C6-804D-4B32-B0DD-8A496462F106}\Sims3EP05Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Скоростной режим Каталог-->\"C:\Program Files\InstallShield Installation Information\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Современная роскошь Каталог-->\"C:\Program Files\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3 Шоу-бизнес-->\"C:\Program Files\InstallShield Installation Information\{3BBFD444-5FAB-49F6-98B1-A1954E831399}\Sims3EP06Setup.exe\" -runfromtemp -l0x0019 -removeonly
The Sims™ 3-->\"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe\" -runfromtemp -l0x0019 -removeonly
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1029" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1029" "0"
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{2AB2E0DF-DF6F-4051-895B-A09FA08AD387}" "1029" "0"
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{E6EAF5E1-5E2A-4E4F-847E-97B45179E45B}" "1029" "0"
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C06ABC7E-8923-4BB1-A7A2-197F5A3E0973}" "1029" "0"
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{6F6FD0B7-2500-41ED-8425-A6AE5958EB52}" "1029" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1029" "0"
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1029" "0"
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{3CF6665E-28CD-4EBC-B0C1-34BF7FB09C53}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{1DC8BAA2-4DA9-4998-B122-5114077DD6AF}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{F5375654-36F8-42FE-A2C2-0826FDF22D42}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1029" "0"
UxStyle Core Beta-->MsiExec.exe /X{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}
Vegas Pro 11.0-->MsiExec.exe /X{6AEFCA01-8DF1-11E1-A17B-F04DA23A5C58}
VLC media player 2.0.4-->D:\Program Files\VideoLAN\VLC\uninstall.exe
War Thunder Launcher 1.0.1.91-->"D:\Games\War Thunder\unins000.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.20 beta 3 (32-bit)-->D:\Program Files\WinRar\uninstall.exe
World of Tanks v.0.7.4-->"D:\Games\World of Tanks\unins000.exe"
x264vfw - H.264/MPEG-4 AVC codec (remove only)-->D:\Program Files\x264vfw\x264vfw-uninstall.exe
XML Notepad 2007-->MsiExec.exe /I{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}
YTD Video Downloader 3.9.4-->"C:\Program Files\GreenTree Applications\YTD Video Downloader\uninstall.exe"
ZOTAC FireStorm-->"D:\Program Files\ZOTAC FireStorm\uninstall.exe"

======Hosts File======

127.0.0.1 localhost
127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 mp02.maniaplanet.com
127.0.0.1 mp01.maniaplanet.com
127.0.0.1 mp03.maniaplanet.com

======System event log======

Computer Name: My-PC
Event Code: 7036
Message: Stav služby Zprostředkovatel domácích skupin byl změněn na: Spuštěno
Record Number: 17001
Source Name: Service Control Manager
Time Written: 20120618104023.179687-000
Event Type: Informace
User:

Computer Name: My-PC
Event Code: 7036
Message: Stav služby Hostitel poskytovatele rozpoznávání funkce byl změněn na: Spuštěno
Record Number: 17000
Source Name: Service Control Manager
Time Written: 20120618104023.179687-000
Event Type: Informace
User:

Computer Name: My-PC
Event Code: 7036
Message: Stav služby Windows Search byl změněn na: Spuštěno
Record Number: 16999
Source Name: Service Control Manager
Time Written: 20120618104021.101562-000
Event Type: Informace
User:

Computer Name: My-PC
Event Code: 7036
Message: Stav služby Hostitel zařízení UPnP byl změněn na: Spuštěno
Record Number: 16998
Source Name: Service Control Manager
Time Written: 20120618104021.039062-000
Event Type: Informace
User:

Computer Name: My-PC
Event Code: 14206
Message: Server médií MY-PC: My: byl úspěšně inicializován a sdílí média se síťovými zařízeními médií.
Record Number: 16997
Source Name: Microsoft-Windows-WMPNSS-Service
Time Written: 20120618104021.000000-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: My-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 2235377
Source Name: NVIDIA OpenGL Driver
Time Written: 20120803200444.000000-000
Event Type: Upozornění
User:

Computer Name: My-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 2235376
Source Name: NVIDIA OpenGL Driver
Time Written: 20120803200444.000000-000
Event Type: Upozornění
User:

Computer Name: My-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 2235375
Source Name: NVIDIA OpenGL Driver
Time Written: 20120803200444.000000-000
Event Type: Upozornění
User:

Computer Name: My-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 2235374
Source Name: NVIDIA OpenGL Driver
Time Written: 20120803200444.000000-000
Event Type: Upozornění
User:

Computer Name: My-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 2235373
Source Name: NVIDIA OpenGL Driver
Time Written: 20120803200444.000000-000
Event Type: Upozornění
User:

=====Security event log=====

Computer Name: My-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MY-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\iasacct.dll
ID popisovače: 0x20

Informace o procesu:
ID procesu: 0x8e4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1665
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517205607.218750-000
Event Type: Úspěšný audit
User:

Computer Name: My-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MY-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\mblctr.exe
ID popisovače: 0x20

Informace o procesu:
ID procesu: 0x8e4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1664
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517205607.203125-000
Event Type: Úspěšný audit
User:

Computer Name: My-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MY-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\WMPEncEn.dll
ID popisovače: 0x20

Informace o procesu:
ID procesu: 0x8e4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1663
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517205607.140625-000
Event Type: Úspěšný audit
User:

Computer Name: My-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MY-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\rwinsta.exe
ID popisovače: 0x20

Informace o procesu:
ID procesu: 0x8e4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1662
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517205607.140625-000
Event Type: Úspěšný audit
User:

Computer Name: My-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MY-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\C_ISCII.DLL
ID popisovače: 0x20

Informace o procesu:
ID procesu: 0x8e4
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 1661
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120517205607.140625-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;C:\Program Files\Java\jdk1.7.0_05\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;D:\Program Files\gdipp\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=170a
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"PT5HOME"=C:\Program Files\Cisco Packet Tracer 5.3.3
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------



Log z AdwCleaner:

# AdwCleaner v2.010 - Logfile created 11/30/2012 at 21:50:50
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : My - MY-PC
# Boot Mode : Normal
# Running from : C:\Users\My\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\searchplugins\Askcom.xml
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\My\AppData\Local\APN
Folder Found : C:\Users\My\AppData\Roaming\pdfforge

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=15187

-\\ Mozilla Firefox v15.0 (cs)

Profile name : default
File : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://eu.ask.com/?l=dis&o=15187");

-\\ Google Chrome v23.0.1271.95

File : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.19] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={31367AA6-896F-45FF-A591-5398CB45879E}&mid=19cfd46bc14c47d09d09d16d673e4466-f767aee558aab27b2a2dfa961b7899f91e8a0982&lang=cs&ds=ac011&pr=sa&d=2012-07-16 13:03:35&v=11.1.0.12&sap=hp" ]
Found [l.3447] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={31367AA6-896F-45FF-A591-5398CB45879E}&mid=19cfd46bc14c47d09d09d16d673e4466-f767aee558aab27b2a2dfa961b7899f91e8a0982&lang=cs&ds=ac011&pr=sa&d=2012-07-16 13:03:35&v=11.1.0.12&sap=hp" ]

-\\ Opera v12.2.1578.0

File : C:\Users\My\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3174 octets] - [30/11/2012 21:50:50]

########## EOF - C:\AdwCleaner[R1].txt - [3234 octets] ##########

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

• Provedte aktualizaci
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.30.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
My :: MY-PC [administrátor]

Ochrana: Povolena

30.11.2012 22:30:26
mbam-log-2012-11-30 (23-49-01).txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 445304
Uplynulý čas: 1 hodin, 15 minut, 55 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.010 - Logfile created 12/01/2012 at 20:25:02
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : My - MY-PC
# Boot Mode : Normal
# Running from : C:\Users\My\Desktop\Ochrana PC\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\searchplugins\Askcom.xml
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\My\AppData\Local\APN
Folder Deleted : C:\Users\My\AppData\Roaming\pdfforge

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=15187 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (cs)

Profile name : default
File : C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\prefs.js

Deleted : user_pref("browser.startup.homepage", "hxxp://eu.ask.com/?l=dis&o=15187");

-\\ Google Chrome v23.0.1271.95

File : C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.19] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={31367AA6-896F-45FF-A591-5398C[...]
Deleted [l.3462] : urls_to_restore_on_startup = [ "hxxp://isearch.avg.com/?cid={31367AA6-896F-45FF-A591-5398CB45[...]

-\\ Opera v12.2.1578.0

File : C:\Users\My\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3303 octets] - [30/11/2012 21:50:50]
AdwCleaner[S1].txt - [2552 octets] - [01/12/2012 20:25:02]

########## EOF - C:\AdwCleaner[S1].txt - [2612 octets] ##########

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 7.12.2012 12:45:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\My\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 75,08% Memory free
5,99 Gb Paging File | 5,12 Gb Available in Paging File | 85,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 41,08 Gb Free Space | 55,12% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 666,03 Gb Free Space | 71,50% Space Free | Partition Type: NTFS

Computer Name: MY-PC | User Name: My | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.12.07 12:43:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\My\Desktop\OTL.exe
PRC - [2012.11.18 17:22:01 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.11.18 13:50:10 | 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.11.18 13:49:59 | 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.11.18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.07 14:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2012.03.07 14:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.10 13:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.07.13 00:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.18 16:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll
MOD - [2012.01.08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV - [2012.11.18 17:22:01 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.09 14:18:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.21 13:47:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.08.25 02:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.21 19:08:04 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.05.18 13:49:39 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.03.07 14:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011.12.06 12:54:14 | 002,430,128 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- D:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2011.01.10 13:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.13 00:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2012.11.18 17:22:01 | 009,370,472 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.07.31 11:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.07.02 17:44:48 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.06.11 10:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.05.11 09:40:56 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012.04.02 11:17:40 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012.03.14 07:40:02 | 000,169,080 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012.03.14 07:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.03.14 07:40:02 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.01.10 13:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.22 20:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010.02.25 16:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.13 00:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)
DRV - [2009.03.18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.07.26 21:30:30 | 000,014,416 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Program Files\RealTemp_370\WinRing0.sys -- (WinRing0_1_2_0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\..\SearchScopes\{459368E5-22ED-4AB2-A06B-0737F611F09A}: "URL" = http://websearch.ask.com/redirect?clien ... 99887D9750
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

IE - HKU\S-1-5-21-801721396-2043881397-985488794-1003\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: support@super-hide-ip.com:1.0
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\My\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\My\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.09.03 14:04:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.05.17 19:11:52 | 000,000,000 | ---D | M]

[2012.09.03 14:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\My\AppData\Roaming\Mozilla\Extensions
[2012.11.09 08:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\extensions
[2012.09.03 21:42:33 | 000,004,546 | ---- | M] () (No name found) -- C:\Users\My\AppData\Roaming\Mozilla\Firefox\Profiles\xwbqrxyf.default\extensions\support@super-hide-ip.com.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\My\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\My\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\My\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\My\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: AdobeExManDetect (Enabled) = D:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Magic Actions for YouTube\u2122 = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.6_0\
CHR - Extension: Angry Birds = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: AdBlock = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.49_0\
CHR - Extension: Minimal = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfhcmjkebafbfikmbkhdpbmfpfjgiog\1.0_0\
CHR - Extension: Isoball 3 = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\
CHR - Extension: Resolution Test = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhfcdbheobinplaamokffboaccidbal\2.0_0\
CHR - Extension: LiveReload = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnihajbhpnppcggbcgedagnkighmdlei\2.0.9_0\
CHR - Extension: YouTube Auto Replay = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcdpnidfhfjfbafmpppcplcejgepadbo\2.82_0\
CHR - Extension: YouTube = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbbohnodglnladfiabdknifodljiomo\2012.12.2.59524_0\
CHR - Extension: Prohl\u00ED\u017Ee\u010D dokument\u016F ve form\u00E1tu PDF/PowerPoint (od spole\u010Dnosti Google) = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: Feed Intent Viewer = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\oceapojkdgeophkjdijkpbjifdnfimdh\1.2_0\
CHR - Extension: Psykopaint = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: Google Reader = C:\Users\My\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\

O1 HOSTS File: ([2012.11.30 21:54:24 | 000,001,210 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-801721396-2043881397-985488794-1001..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-801721396-2043881397-985488794-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{249DE0D9-3C06-4798-B887-E888FEC39DE4}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-801721396-2043881397-985488794-1001 Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e658e986-a049-11e1-aba7-002421daad95}\Shell - "" = AutoRun
O33 - MountPoints2\{e658e986-a049-11e1-aba7-002421daad95}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.x264 - D:\Program Files\x264vfw\x264vfw.dll (x264vfw project)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.12.07 12:43:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\My\Desktop\OTL.exe
[2012.12.02 11:19:17 | 000,000,000 | ---D | C] -- C:\Users\My\Desktop\BF3-CZ-Reskin
[2012.12.01 11:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2012.12.01 00:00:45 | 000,000,000 | ---D | C] -- C:\Users\My\Desktop\Ochrana PC
[2012.11.30 22:28:02 | 000,000,000 | ---D | C] -- C:\Users\My\AppData\Roaming\Malwarebytes
[2012.11.30 22:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.30 22:27:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.11.30 20:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.11.30 20:45:34 | 000,000,000 | ---D | C] -- C:\rsit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.12.07 12:47:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.07 12:45:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job
[2012.12.07 12:43:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\My\Desktop\OTL.exe
[2012.12.07 12:40:37 | 000,024,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.07 12:40:36 | 000,024,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.07 12:35:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.07 12:35:16 | 2415,296,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.06 23:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.04 18:22:01 | 017,405,325 | ---- | M] () -- C:\Users\My\Desktop\SEREBRO_-_Gun_(Official_HD_Video).mp4
[2012.12.03 17:37:26 | 000,001,776 | ---- | M] () -- C:\Users\My\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.12.02 11:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job
[2012.12.01 20:27:14 | 004,020,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.01 11:25:51 | 000,138,032 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.12.01 11:25:36 | 000,281,688 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012.12.01 11:23:14 | 000,000,718 | ---- | M] () -- C:\Users\Public\Desktop\FarCry 3.lnk
[2012.11.30 20:14:21 | 000,001,095 | ---- | M] () -- C:\Users\My\Desktop\World of Tanks.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.07 12:47:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.04 18:20:50 | 017,405,325 | ---- | C] () -- C:\Users\My\Desktop\SEREBRO_-_Gun_(Official_HD_Video).mp4
[2012.12.01 20:26:48 | 004,020,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.01 11:23:14 | 000,000,718 | ---- | C] () -- C:\Users\Public\Desktop\FarCry 3.lnk
[2012.11.30 20:14:22 | 000,001,095 | ---- | C] () -- C:\Users\My\Desktop\World of Tanks.lnk
[2012.09.28 13:10:17 | 000,000,015 | ---- | C] () -- C:\Windows\Firestorm.INI
[2012.09.02 13:57:42 | 000,000,600 | ---- | C] () -- C:\Users\My\AppData\Local\PUTTY.RND
[2012.08.28 12:15:26 | 000,916,480 | ---- | C] () -- C:\Windows\expstart.exe
[2012.08.28 12:10:32 | 000,000,132 | ---- | C] () -- C:\Users\My\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
[2012.08.28 10:53:50 | 000,202,144 | ---- | C] () -- C:\Windows\UTP.exe
[2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.07.20 18:22:59 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2012.06.06 20:38:45 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2012.06.05 21:49:06 | 000,003,049 | ---- | C] () -- C:\Users\My\AppData\Roaming\PStrip.bk!
[2012.06.05 21:49:02 | 000,003,118 | ---- | C] () -- C:\Users\My\AppData\Roaming\PStrip.bak
[2012.06.05 21:45:59 | 000,003,160 | ---- | C] () -- C:\Users\My\AppData\Roaming\PStrip.ini
[2012.06.04 20:09:10 | 000,000,336 | ---- | C] () -- C:\Users\My\.packettracer
[2012.06.03 23:18:45 | 000,000,132 | ---- | C] () -- C:\Users\My\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
[2012.05.24 23:08:21 | 000,000,132 | ---- | C] () -- C:\Users\My\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2012.05.24 16:00:07 | 000,001,776 | ---- | C] () -- C:\Users\My\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.05.19 10:29:14 | 000,138,056 | ---- | C] () -- C:\Users\My\AppData\Roaming\PnkBstrK.sys
[2012.05.19 10:29:14 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012.05.19 10:28:47 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012.05.19 10:28:46 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012.05.17 20:12:17 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.05.17 20:10:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.01.10 13:49:16 | 000,035,840 | ---- | C] () -- C:\Windows\System32\dokan.dll

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.08.12 17:56:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.minecraft
[2012.07.16 15:12:19 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.Nitrous
[2012.09.29 15:10:10 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.technicraft
[2012.07.16 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Ashampoo
[2012.11.23 16:00:15 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Audacity
[2012.08.18 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\BlackBean
[2012.11.12 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Canon
[2012.08.27 20:23:31 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.08.25 20:48:21 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.12.01 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\DAEMON Tools Lite
[2012.07.06 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\DJJava
[2012.05.21 15:45:28 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\EPSON
[2012.11.03 19:29:53 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\FileZilla
[2012.08.27 16:01:51 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\FontCreator
[2012.05.26 09:57:36 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Leadertech
[2012.07.15 22:09:14 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Nokia
[2012.09.29 15:15:31 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Notepad++
[2012.05.17 18:46:45 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Opera
[2012.12.04 20:44:49 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Origin
[2012.07.15 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\PC Suite
[2012.06.02 17:06:09 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Publish Providers
[2012.12.01 00:03:06 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Samsung
[2012.07.16 16:08:11 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sony
[2012.07.16 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sony Creative Software Inc
[2012.06.09 13:54:04 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.06 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sublime Text 2
[2012.06.06 20:19:52 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\SuperHideIP
[2012.08.23 22:55:53 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\TeamViewer
[2012.11.22 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Theta
[2012.12.06 20:05:33 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\uTorrent
[2012.08.29 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\VistaStyleBuilder
[2012.11.24 20:56:27 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,616 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.05.17 18:30:24 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job
[2012.05.17 18:30:24 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job
[2012.07.17 08:47:10 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\System32\drivers\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.12 17:56:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.minecraft
[2012.07.16 15:12:19 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.Nitrous
[2012.09.29 15:10:10 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\.technicraft
[2012.10.21 16:52:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Adobe
[2012.08.21 14:42:55 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\AdobeMuse
[2012.07.16 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Ashampoo
[2012.11.23 16:00:15 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Audacity
[2012.08.18 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\BlackBean
[2012.11.12 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Canon
[2012.08.27 20:23:31 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.08.25 20:48:21 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.12.01 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\DAEMON Tools Lite
[2012.07.06 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\DJJava
[2012.05.21 15:45:28 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\EPSON
[2012.11.03 19:29:53 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\FileZilla
[2012.08.27 16:01:51 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\FontCreator
[2012.05.17 18:26:27 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Identities
[2012.05.26 09:57:36 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Leadertech
[2012.05.17 18:39:33 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Macromedia
[2012.11.30 22:28:02 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Malwarebytes
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Media Center Programs
[2012.08.10 11:49:12 | 000,000,000 | --SD | M] -- C:\Users\My\AppData\Roaming\Microsoft
[2012.09.03 14:04:33 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Mozilla
[2012.07.15 22:09:14 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Nokia
[2012.09.29 15:15:31 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Notepad++
[2012.06.02 17:05:52 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\NVIDIA
[2012.05.17 18:46:45 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Opera
[2012.12.04 20:44:49 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Origin
[2012.07.15 21:38:54 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\PC Suite
[2012.06.02 17:06:09 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Publish Providers
[2012.12.01 00:03:06 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Samsung
[2012.12.06 23:38:01 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Skype
[2012.07.16 16:08:11 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sony
[2012.07.16 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sony Creative Software Inc
[2012.06.09 13:54:04 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.06 19:19:35 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Sublime Text 2
[2012.06.06 20:19:52 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\SuperHideIP
[2012.08.23 22:55:53 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\TeamViewer
[2012.11.22 17:09:20 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\Theta
[2012.12.06 20:05:33 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\uTorrent
[2012.08.29 21:21:48 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\VistaStyleBuilder
[2012.11.11 12:27:04 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\vlc
[2012.11.24 20:56:27 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\wargaming.net
[2012.05.17 19:08:08 | 000,000,000 | ---D | M] -- C:\Users\My\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.08.21 14:39:14 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Users\My\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.09.02 13:16:54 | 000,395,776 | ---- | M] (Simon Tatham) -- C:\Users\My\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\psftp.exe
[2012.09.02 13:16:54 | 000,184,390 | ---- | M] (http://subversion.apache.org/) -- C:\Users\My\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\svn.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.12.06 23:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.02 11:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job
[2012.12.07 12:45:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.12.07 12:40:36 | 000,024,112 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.07 12:40:37 | 000,024,112 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\My\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.05.17 18:30:23 | 000,116,648 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 16:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.10.08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.09.07 23:19:38 | 000,874,896 | ---- | M] (Opera Software) MD5=E9B8F06429A1727D9FD9D4CE023EDCEB -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.07 12:47:30 | 000,000,512 | ---- | M] () MD5=22AB89C012B64835899A9EC899BC7D3E -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2008.08.26 00:32:24 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2010.10.07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.04 18:36:34 | 000,013,191 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.ErrorNotification.html
[2012.05.04 18:36:34 | 000,020,412 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.html
[2012.05.04 18:36:34 | 000,006,577 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.PreloaderNotification.html
[2012.05.04 18:36:34 | 000,010,547 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.ProgressNotification.html
[2012.05.04 18:36:34 | 000,015,062 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.StateChangeNotification.html
[2012.05.04 18:36:34 | 000,014,394 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\Preloader.StateChangeNotification.Type.html
[2012.05.04 18:36:34 | 000,006,822 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.ErrorNotification.html
[2012.05.04 18:36:34 | 000,004,429 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.html
[2012.05.04 18:36:34 | 000,009,241 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.PreloaderNotification.html
[2012.05.04 18:36:34 | 000,006,873 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.ProgressNotification.html
[2012.05.04 18:36:34 | 000,006,957 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.html
[2012.05.04 18:36:34 | 000,011,145 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.Type.html
[2012.05.04 18:36:36 | 000,010,357 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.Attribute.html
[2012.05.04 18:36:36 | 000,013,135 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ControllerMethodEventHandler.html
[2012.05.04 18:36:36 | 000,014,713 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.CopyElement.html
[2012.05.04 18:36:36 | 000,013,264 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.DefineElement.html
[2012.05.04 18:36:36 | 000,022,847 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.Element.html
[2012.05.04 18:36:36 | 000,014,095 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ExpressionTargetMapping.html
[2012.05.04 18:36:36 | 000,060,895 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.html
[2012.05.04 18:36:36 | 000,015,458 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.IncludeElement.html
[2012.05.04 18:36:36 | 000,017,089 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.InstanceDeclarationElement.html
[2012.05.04 18:36:36 | 000,014,851 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ObservableListChangeAdapter.html
[2012.05.04 18:36:36 | 000,015,260 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ObservableMapChangeAdapter.html
[2012.05.04 18:36:36 | 000,013,871 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.PropertyChangeAdapter.html
[2012.05.04 18:36:36 | 000,019,480 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.PropertyElement.html
[2012.05.04 18:36:36 | 000,014,762 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ReferenceElement.html
[2012.05.04 18:36:36 | 000,016,285 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ScriptElement.html
[2012.05.04 18:36:36 | 000,012,580 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ScriptEventHandler.html
[2012.05.04 18:36:36 | 000,015,657 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.UnknownStaticPropertyElement.html
[2012.05.04 18:36:36 | 000,016,810 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.UnknownTypeElement.html
[2012.05.04 18:36:36 | 000,013,360 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.UnknownTypeElement.UnknownValueMap.html
[2012.05.04 18:36:36 | 000,015,826 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\FXMLLoader.ValueElement.html
[2012.05.04 18:36:36 | 000,009,028 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.Attribute.html
[2012.05.04 18:36:36 | 000,004,682 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ControllerMethodEventHandler.html
[2012.05.04 18:36:36 | 000,004,495 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.CopyElement.html
[2012.05.04 18:36:36 | 000,004,517 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.DefineElement.html
[2012.05.04 18:36:36 | 000,007,827 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.Element.html
[2012.05.04 18:36:36 | 000,004,627 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ExpressionTargetMapping.html
[2012.05.04 18:36:36 | 000,008,968 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.html
[2012.05.04 18:36:36 | 000,004,528 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.IncludeElement.html
[2012.05.04 18:36:36 | 000,004,660 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.InstanceDeclarationElement.html
[2012.05.04 18:36:36 | 000,004,671 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ObservableListChangeAdapter.html
[2012.05.04 18:36:36 | 000,004,660 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ObservableMapChangeAdapter.html
[2012.05.04 18:36:36 | 000,004,605 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyChangeAdapter.html
[2012.05.04 18:36:36 | 000,006,567 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyElement.html
[2012.05.04 18:36:36 | 000,004,550 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ReferenceElement.html
[2012.05.04 18:36:36 | 000,004,517 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptElement.html
[2012.05.04 18:36:36 | 000,004,572 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptEventHandler.html
[2012.05.04 18:36:36 | 000,004,682 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownStaticPropertyElement.html
[2012.05.04 18:36:36 | 000,004,572 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownTypeElement.html
[2012.05.04 18:36:36 | 000,004,748 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.UnknownTypeElement.UnknownValueMap.html
[2012.05.04 18:36:36 | 000,004,506 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\fxml\class-use\FXMLLoader.ValueElement.html
[2012.05.04 18:36:38 | 000,006,602 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\scene\control\UAStylesheetLoader.Holder.html
[2012.05.04 18:36:38 | 000,006,802 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\scene\control\UAStylesheetLoader.html
[2012.05.04 18:36:38 | 000,004,672 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\scene\control\class-use\UAStylesheetLoader.Holder.html
[2012.05.04 18:36:38 | 000,006,822 | ---- | M] () -- \Program Files\Java\JavaFX\docs\api\javafx\scene\control\class-use\UAStylesheetLoader.html
[2012.07.06 17:27:22 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.07.06 17:27:22 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.07.06 17:27:23 | 001,128,953 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.07.06 17:27:22 | 000,006,195 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.07.06 17:27:22 | 000,005,830 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.07.06 17:27:23 | 000,000,456 | ---- | M] () -- \Program Files\Java\jdk1.7.0_05\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2010.11.22 13:10:13 | 000,015,872 | ---- | M] () -- \Program Files\MacType\MacLoader.exe
[2011.07.18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.09.04 23:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.11.05 22:22:58 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2012.11.05 22:22:58 | 000,002,191 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.11.05 22:22:58 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2012.11.05 22:22:58 | 000,002,191 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.06.02 21:26:42 | 000,001,683 | ---- | M] () -- \Users\My\AppData\Local\LiveReload\App\Resources\backend\node_modules\websocket.io\node_modules\ws\examples\fileapi\public\uploader.js
[2012.12.01 13:42:22 | 000,105,903 | ---- | M] () -- \Users\My\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKXREU8S\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.08.05 14:59:12 | 000,001,289 | ---- | M] () -- \Users\My\AppData\Roaming\.minecraft\ModLoader.txt
[2012.08.04 16:34:44 | 000,001,289 | ---- | M] () -- \Users\My\AppData\Roaming\.minecraft\ModLoader.txt.1
[2012.07.24 18:02:08 | 000,000,844 | ---- | M] () -- \Users\My\AppData\Roaming\.minecraft\ModLoader.txt.2
[2012.08.05 14:58:30 | 000,000,112 | ---- | M] () -- \Users\My\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.11.05 22:22:58 | 000,001,247 | ---- | M] () -- \Users\Public\Desktop\YTD Video Downloader.lnk
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.07.09 18:51:49 | 000,003,530 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.26 18:52:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.26 18:52:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.26 18:52:20 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.07.14 05:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 05:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 05:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012.05.17 21:52:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.05.17 21:52:40 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.05.17 21:52:40 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.26 18:50:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

OTL Extras logfile created on: 7.12.2012 12:45:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\My\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 75,08% Memory free
5,99 Gb Paging File | 5,12 Gb Available in Paging File | 85,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 41,08 Gb Free Space | 55,12% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 666,03 Gb Free Space | 71,50% Space Free | Partition Type: NTFS

Computer Name: MY-PC | User Name: My | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.js [@ = jsfile] -- Reg Error: Value error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5B9CD8-7689-4C00-8450-88332210EE50}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{16D38958-C7BD-4048-82E4-E3338551BC4C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25F75EF9-D48F-46D5-8E63-2362B6D85FD1}" = rport=138 | protocol=17 | dir=out | app=system |
"{2785BE22-CFCC-4A12-ABD3-775D2B612CF3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28D3B533-E633-408E-80D4-A840A160A2CD}" = rport=445 | protocol=6 | dir=out | app=system |
"{2EEB6F60-7553-4C54-B3E8-A54A3DA104CE}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{319C333F-C219-43E2-BD30-B922621B5A01}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39DBC57E-8D34-4000-BF82-55FB4ADDB5CA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42548FE9-471C-4AE7-8760-D80DFD7B5AED}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46252FC5-3254-4D1C-9A26-8DF436DF74F8}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{4C1EC48A-50E9-48BF-AD9A-CA43DBD657DF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{512A6DFA-2AF1-426F-876D-01120573F2E6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7608E762-9251-428C-844A-E39DA3A80944}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{816BC2F8-81EC-43C1-A3CE-18E803217285}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{817A62A1-D6AA-4C71-BAF8-3C8D8921C8D9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{98872821-2A23-4A28-BCC4-1E25B4B771BD}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E0552D6-3076-45A7-9A01-0194DEE58109}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A25214B5-5A5F-426F-9C4B-490B0B64EA9D}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{A770F68F-B89E-4D0D-895D-22C619E05C32}" = rport=137 | protocol=17 | dir=out | app=system |
"{A7B6F4F0-3069-4189-A8DA-DA3EB08CC064}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAE2A8E6-AD69-4CEB-B8CB-F31CF20C4DE0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ABAF47C7-B01C-4D24-BCD9-11F31CFD21DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B39224D9-69EF-4FF7-8295-0EDEFF08F56A}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{B7C75F0C-6A79-4DB1-8B4F-DD5008FC06E7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9CFE4C0-B0E9-4C59-8248-102A9B2D9B3B}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{C54832BF-D990-48F7-B42B-0F828108E534}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{C55D8D13-C640-46AD-8EFC-11F80768BC55}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C56F04B3-9008-4AEF-9C96-24187FE57FDE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D42F4A5B-D2C7-4E75-9E42-CE7383E51DDE}" = lport=5220 | protocol=6 | dir=in | name=war thunder |
"{DBDC6368-71AA-4993-8904-36B74527C5D5}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{E4E0387A-1C2E-4FE0-9168-8496A55D3B2B}" = lport=139 | protocol=6 | dir=in | app=system |
"{E7660FA7-9DE5-4707-9E96-F964E19F864F}" = lport=137 | protocol=17 | dir=in | app=system |
"{FB6284C1-F8D9-4213-A481-F080F99E9E50}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02572895-507D-4927-877B-5A78CC7870C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{05305E43-F146-4476-B176-89B1105AD8E1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A358C08-8936-4BB9-911E-AB5628006E1A}" = protocol=6 | dir=in | app=d:\games\origin games\battlefield 3\bf3.exe |
"{14FF39B7-1687-4F7C-BBA9-E23B24FE5DDE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1A362418-00D8-4EDB-B058-A98F260A84E1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1AF72334-DB74-4B96-A2FE-1BD3029C8E21}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{201B72E7-B4AF-43AB-B42D-C96E17FE7E6A}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{2C6CC2F8-6E2F-48D2-BE6D-58DBE34F4FA2}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{3262F0AA-FC4D-48FF-8D95-61627B417398}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{370FB3F4-9D60-4C26-A311-B897965EE096}" = protocol=17 | dir=in | app=d:\games\war thunder\aces.exe |
"{44D47CB5-5A05-40A0-BB3F-940C326A4E99}" = protocol=6 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{46EE2AF0-9847-4A7A-98AA-B8230E95501E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4F21837F-CA67-4209-8375-8C17C3993D4E}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{5DE0E96F-15B1-4487-ACD9-01538B46F349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F329395-60B2-4FC1-BC9A-3B19BBFF4EC7}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{6315A782-A079-488F-BA80-0D6BC5458171}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{6955AF1C-23CA-462D-B37E-09C570EF9E3E}" = protocol=6 | dir=out | app=system |
"{7081227B-E410-45C2-9FEB-5A644D92212C}" = protocol=17 | dir=in | app=d:\games\origin games\battlefield 3\bf3.exe |
"{7413871D-2A22-435D-AC2A-60EF505E71A6}" = protocol=6 | dir=in | app=d:\games\war thunder\launcher.exe |
"{76E48B7B-F7E2-48D0-B031-8395E127C4F6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7CD39C1F-69DB-44DA-8D5B-35F7B90DD53C}" = protocol=17 | dir=in | app=d:\games\war thunder\launcher.exe |
"{7DC6D0EA-638C-49F4-8BA6-8DF740A7536B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7F54C7EF-E331-4F13-B84A-32EF3D0AECEC}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8207D7F9-13B5-4F2C-BA96-4D1FF0B0EDC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8422DEAE-C42F-4ED1-B325-23D4C8B470C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{889D9BDE-C62E-4C2A-AFAF-E2E25201F08E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{900EEFF8-B1E4-4A0E-AA19-C4A9307EDEAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97BC8CDE-A322-4FC5-81B4-A157E690E67B}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{98228B3F-4F71-4A96-9A38-EE6B44A7D094}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AB348F4-3004-4DFC-825B-F6B6FC1A6957}" = protocol=17 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{A9C78213-C3B4-4B45-819C-944A7EF626FF}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{AC3954F9-A28D-4C3E-9F52-34C0DF094C4D}" = protocol=6 | dir=in | app=d:\games\war thunder\aces.exe |
"{B934A79D-50A0-483C-A68F-0DC19DC953F5}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{BB0741EF-34C7-4FC5-B63E-22576BB70755}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE7167E8-96B0-40CE-B898-072F0454AA7C}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CA4FB990-8C3F-4D10-AF94-2792D34C21F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8C799DB-4BE8-4394-A205-2131DD2FF4AD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FA060809-7BBD-4744-ABAB-2E54FFA7EE9B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FBF8A9AB-C6D5-4228-B797-1C2C3869C7F8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{080CCA88-46A9-4FEF-B0B7-793815EBA8F1}D:\program files\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=d:\program files\assassins creed iii\ac3sp.exe |
"TCP Query User{1871BED6-FAB5-41DC-B918-053F919795BC}D:\games\farcry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=d:\games\farcry 3\bin\farcry3.exe |
"TCP Query User{246BA1E3-1F44-46E1-835B-9103B8675AA2}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{2706E220-FE97-4836-96D1-E281E95AD806}C:\program files\java\jdk1.7.0_05\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_05\bin\java.exe |
"TCP Query User{2DA9F53E-7E13-47FD-926C-F60E95A5D194}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{2E542D1C-67C9-4642-9BF5-85EF085680E6}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{42B5D692-3B7F-43DC-8102-77AD22F4BC79}C:\users\my\downloads\war_thunder_beta_access.exe" = protocol=6 | dir=in | app=c:\users\my\downloads\war_thunder_beta_access.exe |
"TCP Query User{774990B9-C8C4-4E93-996F-66FF6171B852}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{8B245686-409F-433A-BF66-16274D9AA327}D:\program files\sublime text 2\sublime_text.exe" = protocol=6 | dir=in | app=d:\program files\sublime text 2\sublime_text.exe |
"TCP Query User{AA6E8EC1-B983-4CE1-B343-083B7DD240A1}D:\games\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world of tanks\worldoftanks.exe |
"TCP Query User{B83D9136-3AE2-4B2C-BD33-B09F3C7A9E99}D:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=d:\program files\videolan\vlc\vlc.exe |
"TCP Query User{D100F743-CB5E-4378-BB15-118855849DAE}D:\games\origin games\battlefield bad company 2 digital deluxe edition\bfbc2game.exe" = protocol=6 | dir=in | app=d:\games\origin games\battlefield bad company 2 digital deluxe edition\bfbc2game.exe |
"TCP Query User{D1B5442E-F244-4EFD-A090-24B4B1278887}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{E40BF6D2-9AB9-43CE-9D65-5A5850FAE859}D:\games\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world of tanks\wotlauncher.exe |
"TCP Query User{E41B8D06-9AF9-4048-820A-AA5C855AE0DA}D:\program files\cisco packet tracer 5.3.3\bin\packettracer5.exe" = protocol=6 | dir=in | app=d:\program files\cisco packet tracer 5.3.3\bin\packettracer5.exe |
"TCP Query User{F39E502E-E6F8-4A67-9FB8-0D86A6C67591}D:\program files\sublime text 2\sublime_text.exe" = protocol=6 | dir=in | app=d:\program files\sublime text 2\sublime_text.exe |
"UDP Query User{0B353C07-423C-43BD-B723-2F0492522004}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{18886567-78FA-469A-B3A9-75F3EB89D4D6}D:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=d:\program files\videolan\vlc\vlc.exe |
"UDP Query User{1DCD77D3-CF0C-4D1D-ABEE-9188580DB9D0}D:\games\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world of tanks\worldoftanks.exe |
"UDP Query User{2388A52E-B199-42C7-AD22-0DCCFDBED2C9}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{2A00D3B8-D262-4C57-92F5-8E805715AA6B}C:\program files\java\jdk1.7.0_05\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_05\bin\java.exe |
"UDP Query User{346A58DB-FDD3-4A0B-92DB-0361AD4345E2}D:\program files\sublime text 2\sublime_text.exe" = protocol=17 | dir=in | app=d:\program files\sublime text 2\sublime_text.exe |
"UDP Query User{3672CD9B-272C-4A02-B0AC-124962C433D1}D:\program files\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=d:\program files\assassins creed iii\ac3sp.exe |
"UDP Query User{46627B1E-D7D1-46F3-8013-820522738A51}D:\program files\cisco packet tracer 5.3.3\bin\packettracer5.exe" = protocol=17 | dir=in | app=d:\program files\cisco packet tracer 5.3.3\bin\packettracer5.exe |
"UDP Query User{6AF31447-5463-4193-9C81-A19E19DD7E24}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{74F554F9-334D-4BE1-B0CD-5EEDC32772C8}D:\games\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world of tanks\wotlauncher.exe |
"UDP Query User{94950E64-3B28-463C-A7CB-11C1A93ACEFA}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{C5689304-34E3-4891-9224-CDB9876C661A}D:\program files\sublime text 2\sublime_text.exe" = protocol=17 | dir=in | app=d:\program files\sublime text 2\sublime_text.exe |
"UDP Query User{CFA505FA-C6E6-40C3-8C9F-B510474DE35C}D:\games\farcry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=d:\games\farcry 3\bin\farcry3.exe |
"UDP Query User{DF4DE2F9-FFFF-49C0-9317-57A96341C75D}D:\games\origin games\battlefield bad company 2 digital deluxe edition\bfbc2game.exe" = protocol=17 | dir=in | app=d:\games\origin games\battlefield bad company 2 digital deluxe edition\bfbc2game.exe |
"UDP Query User{EC6CA621-4EB9-4A54-8801-629B09EF1A61}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{F314CFE0-2834-4755-BC83-B961276B4E46}C:\users\my\downloads\war_thunder_beta_access.exe" = protocol=17 | dir=in | app=c:\users\my\downloads\war_thunder_beta_access.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Изысканная спальня Каталог
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0DB51EBE-ECD4-4308-A55C-3DFDC4E83814}" = DJ Java Decompiler v.3.12.12.96
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Отдых на природе Каталог
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.4
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Каталог
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2222706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 SDK
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{32A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Шоу-бизнес
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 В сумерках
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AEFCA01-8DF1-11E1-A17B-F04DA23A5C58}" = Vegas Pro 11.0
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Современная роскошь Каталог
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{767E6D85-365F-0C62-3CE4-15EBC76F5D7E}" = Adobe Muse
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Городская жизнь Каталог
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Карьера
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry Сладкие радости
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed ® III
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}" = Adobe Dreamweaver CS6
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A8ABAA1F-0825-4C68-80CF-CE834FE6729C}" = ESET NOD32 Antivirus
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 310.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B810D852-DFD6-ACIII-89A5-CC4D47756DAF}_is1" = Assassins Creed III version 5.1
"{B810D852-DFD6-FC3-89A5-CC4D47756DAF}_is1" = FarCry 3 version 5.1
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Мир приключений
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF1E3896-1CF9-4494-9633-165ED620E228}" = MacType
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Питомцы
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CF2FF2C3-3013-33E4-8413-92090A340FE1}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Все возрасты
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Скоростной режим Каталог
"{ed8defa4-19fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.91
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}" = XML Notepad 2007
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"«The Sims 3 Deluxe Edition»_is1" = «The Sims 3 Deluxe Edition» (build 5.0)
"«Обновление The Sims 3 Deluxe Edition»_is1" = «Обновление The Sims 3 Deluxe Edition до билда 5.0 до 5.5»
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"AdobeMuse" = Adobe Muse
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"AviSynth" = AviSynth 2.6
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"CyberGhost VPN_is1" = CyberGhost VPN
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deckadance" = Deckadance
"DokanLibrary" = Dokan Library 0.6.0
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EPSON Printer and Utilities" = EPSON Printer Software
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"FontCreator6_is1" = High-Logic FontCreator 6.5
"Fraps" = Fraps (remove only)
"GalaxyNexusToolKit11" = Package: Galaxy Nexus ToolKit [JellyBean Edition]
"Game Booster_is1" = Game Booster 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"IL Download Manager" = IL Download Manager
"LameACM" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.65.1.1000
"Mozilla Firefox 15.0 (x86 cs)" = Mozilla Firefox 15.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.02.1578" = Opera 12.02
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MP280 series" = Registrace uživatele zařízení Canon MP280 series
"Sniper Elite V2_is1" = Sniper Elite V2
"Sublime Text 2_is1" = Sublime Text 2.0.1
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"The KMPlayer" = The KMPlayer (remove only)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.20 beta 3 (32-bit)
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"ZOTAC FireStorm" = ZOTAC FireStorm

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-801721396-2043881397-985488794-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3
"Google Chrome" = Google Chrome
"LiveReload" = LiveReload

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.11.2012 15:50:20 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Setup.exe_Microsoft Setup Bootstrapper,
verze: 14.0.6010.1000, časové razítko: 0x4cc9a3bd Název chybujícího modulu: ole32.dll,
verze: 6.1.7601.17514, časové razítko: 0x4ce7b96f Kód výjimky: 0xc0000005 Posun chyby:
0x0003bc21 ID chybujícího procesu: 0x1308 Čas spuštění chybující aplikace: 0x01cdc36a63fbd1e5
Cesta
k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office
Setup Controller\Setup.exe Cesta k chybujícímu modulu: C:\Windows\system32\ole32.dll
ID
zprávy: af792825-2f5d-11e2-af0e-002421daad95

Error - 16.11.2012 15:36:14 | Computer Name = My-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.11.2012 5:52:26 | Computer Name = My-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.11.2012 16:59:00 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b60 Kód výjimky: 0xc0000374 Posun chyby: 0x000c380b ID chybujícího
procesu: 0x888 Čas spuštění chybující aplikace: 0x01cdc7f8e14fc772 Cesta k chybující
aplikaci: C:\Windows\explorer.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 455330c0-341e-11e2-9b64-002421daad95

Error - 24.11.2012 10:36:22 | Computer Name = My-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 24.11.2012 17:35:54 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FlashDecompiler.exe, verze: 5.3.1370.0,
časové razítko: 0x4f02e72e Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b60 Kód výjimky: 0xc0000005 Posun chyby: 0x00052bb6 ID chybujícího
procesu: 0x105c Čas spuštění chybující aplikace: 0x01cdca8b9175e82d Cesta k chybující
aplikaci: D:\Program Files\Eltima Software\Flash Decompiler Trillix\FlashDecompiler.exe
Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: ec6d5047-367e-11e2-8167-002421daad95

Error - 26.11.2012 14:29:48 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AC3SP.exe, verze: 0.0.0.0, časové razítko:
0x509d6d53 Název chybujícího modulu: binkw32.dll, verze: 1.8.8.0, časové razítko:
0x43fd7f1e Kód výjimky: 0xc0000005 Posun chyby: 0x0000e503 ID chybujícího procesu:
0xd68 Čas spuštění chybující aplikace: 0x01cdcc03f3a67825 Cesta k chybující aplikaci:
D:\Program Files\Assassins Creed III\AC3SP.exe Cesta k chybujícímu modulu: D:\Program
Files\Assassins Creed III\binkw32.dll ID zprávy: 41f6cf80-37f7-11e2-9b73-002421daad95

Error - 30.11.2012 17:12:48 | Computer Name = My-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Program Files\Nokia\Nokia PC Suite
7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 1.12.2012 18:43:43 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Photoshop.exe, verze: 13.0.1.0, časové razítko:
0x5022da52 Název chybujícího modulu: Photoshop.exe, verze: 13.0.1.0, časové razítko:
0x5022da52 Kód výjimky: 0xc0000005 Posun chyby: 0x00dd7e3b ID chybujícího procesu:
0xde4 Čas spuštění chybující aplikace: 0x01cdd00fcb09a23c Cesta k chybující aplikaci:
D:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe Cesta k chybujícímu modulu:
D:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe ID zprávy: 8e62cec2-3c08-11e2-95be-002421daad95

Error - 2.12.2012 6:20:18 | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mbamscheduler.exe, verze: 1.65.0.0, časové
razítko: 0x50678504 Název chybujícího modulu: mbamnet.dll, verze: 1.62.0.0, časové
razítko: 0x506784de Kód výjimky: 0xc0000005 Posun chyby: 0x0000a949 ID chybujícího
procesu: 0x6d0 Čas spuštění chybující aplikace: 0x01cdd07667e9fd5e Cesta k chybující
aplikaci: D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe Cesta k
chybujícímu modulu: D:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll ID zprávy:
de71b136-3c69-11e2-ba65-002421daad95

[ System Events ]
Error - 30.9.2012 15:46:46 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:49 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:49 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:49 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:50 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:50 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 30.9.2012 15:46:50 | Computer Name = My-PC | Source = atapi | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error - 30.9.2012 15:46:50 | Computer Name = My-PC | Source = cdrom | ID = 262159
Description = Zařízení \Device\CdRom0 ještě není připraveno pro přístup.

Error - 1.10.2012 4:01:00 | Computer Name = My-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Kernel Information Provider neuspěla při spuštění v
důsledku následující chyby: %%3

Error - 2.10.2012 11:45:38 | Computer Name = My-PC | Source = Service Control Manager | ID = 7000
Description = Služba LogMeIn Kernel Information Provider neuspěla při spuštění v
důsledku následující chyby: %%3


< End of report >

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
  DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
  DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\..\SearchScopes\{459368E5-22ED-4AB2-A06B-0737F611F09A}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=RY&apn_dtid=YYYYYYV2CZ&apn_uid=f5dc2abf-823a-4099-a811-fddf2afd0dd3&apn_sauid=7A94B375-86AA-4AB4-B095-BC99887D9750
  IE - HKU\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  O13 - gopher Prefix: missing
  O20 - HKU\S-1-5-21-801721396-2043881397-985488794-1001 Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O33 - MountPoints2\{e658e986-a049-11e1-aba7-002421daad95}\Shell - "" = AutoRun
  [2012.08.28 12:15:26 | 000,916,480 | ---- | C] () -- C:\Windows\expstart.exe
  [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  
  [2012.12.06 23:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2012.12.02 11:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job
  [2012.12.07 12:45:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys not found.
Service tsusbhub stopped successfully!
Service tsusbhub deleted successfully!
File system32\drivers\tsusbhub.sys not found.
Service Synth3dVsc stopped successfully!
Service Synth3dVsc deleted successfully!
File System32\drivers\synth3dvsc.sys not found.
Service LMIInfo stopped successfully!
Service LMIInfo deleted successfully!
File C:\Program Files\LogMeIn\x86\RaInfo.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{459368E5-22ED-4AB2-A06B-0737F611F09A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{459368E5-22ED-4AB2-A06B-0737F611F09A}\ not found.
HKU\S-1-5-21-801721396-2043881397-985488794-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-801721396-2043881397-985488794-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:expstart.exe deleted successfully.
C:\Windows\expstart.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e658e986-a049-11e1-aba7-002421daad95}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e658e986-a049-11e1-aba7-002421daad95}\ not found.
File C:\Windows\expstart.exe not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13A5.tmp\System.Workflow.Runtime.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13A5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4948.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7430.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9771.tmp folder deleted successfully.
C:\Windows\Installer\MSI2B8A.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-801721396-2043881397-985488794-1001UA.job moved successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: My
->Temp folder emptied: 835323 bytes
->Temporary Internet Files folder emptied: 2515618 bytes
->Java cache emptied: 4638639 bytes
->FireFox cache emptied: 49090125 bytes
->Google Chrome cache emptied: 7463568 bytes
->Opera cache emptied: 240 bytes
->Flash cache emptied: 57339 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6474432 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 68,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: My
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: My
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12082012_105814

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL udelalo co melo, jak se chova PC

Vše je v naprostém pořádku Děkuji.

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse