VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=127209

Stránka 1 z 2

kontrola logu

Napsal: 12 led 2013 14:30
od Rhonwyn
prosim o preventivni kontrolu, zda se mi to trosku pomalejsi. Dekuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Rhonwyn at 2013-01-12 14:28:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 491 GB (51%) free of 954 GB
Total RAM: 8175 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:28:29, on 12.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Rhonwyn.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_S7881.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12170 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\hasplms.exe -run
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2284
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {E4FB7107-3E5E-444B-8CF7-AE12E3C7ABA7}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe"
"C:\Users\Rhonwyn\AppData\Local\Apps\2.0\9LA8Z4NW.NVJ\VAC7BX97.KB7\curs..tion_9e9e83ddf3ed3ead_0005.0001_f88ee66177b243ac\CurseClient.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe" -hide
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe" /hide
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\World of Warcraft\Wow-64.exe" -launch -uid wow_engb
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1960.1.645908152\191500845" --supports-dual-gpus=false --skip-gpu-full-info-collection --gpu-vendor-id=0x1002 --gpu-device-id=0x6719 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.2.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="1960.2.1033272686\2028849217" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=CacheSensitivityAnalysis/No/EnableStage3D/enabled/ForceCompositingMode/thread/GlobalSdch/global_enable_sdch/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2012Q4/7/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SBInterstitial/V2/SpdyCwnd/cwnd16/SpeculativePrefetching/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_27/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --enable-threaded-compositing --channel="1960.3.902125091\1857112511" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1960.4.208832815\70407240" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Users\Rhonwyn\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-11-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1d09c093-f71e-43c3-b948-19316cbd695e} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-04-26 3111744]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-12-03 1354736]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2012-11-30 3492504]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2012-09-13 204136]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe

C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-10 03:07:26 ----SHD---- C:\Config.Msi
2013-01-09 17:55:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-01-09 11:04:23 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 11:04:23 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 11:04:06 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 11:04:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 11:04:06 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 11:04:06 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 11:04:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 11:04:01 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 11:03:58 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 11:03:58 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 11:03:47 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 11:03:47 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 11:03:47 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 11:03:47 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 11:03:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 11:03:21 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 11:03:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 11:03:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 11:03:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 11:03:20 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 11:03:20 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 11:03:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 11:03:19 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 11:03:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 11:03:18 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 11:03:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 11:03:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 11:03:10 ----A---- C:\Windows\system32\taskhost.exe
2013-01-09 11:03:08 ----A---- C:\Windows\system32\win32k.sys
2013-01-06 10:50:37 ----D---- C:\Users\Rhonwyn\AppData\Roaming\PIPSDATA
2013-01-06 10:50:21 ----D---- C:\Program Files (x86)\PIPS
2013-01-06 10:46:30 ----A---- C:\Windows\system32\drivers\itlusbdevice_x64.sys
2013-01-05 23:11:12 ----D---- C:\Users\Rhonwyn\AppData\Roaming\EVE IPH
2012-12-29 15:44:25 ----D---- C:\VSPath
2012-12-29 15:11:28 ----D---- C:\Users\Rhonwyn\AppData\Roaming\MySQL
2012-12-29 15:06:47 ----D---- C:\Program Files\MySQL
2012-12-29 15:05:27 ----D---- C:\Program Files (x86)\MySQL
2012-12-29 15:05:26 ----D---- C:\ProgramData\MySQL
2012-12-28 14:59:23 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-12-28 13:33:28 ----D---- C:\Program Files (x86)\Beamdog
2012-12-27 23:58:33 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Mumble
2012-12-27 23:56:27 ----D---- C:\Program Files (x86)\Mumble
2012-12-26 15:53:23 ----D---- C:\Users\Rhonwyn\AppData\Roaming\DarksporeData
2012-12-22 03:00:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-22 03:00:49 ----A---- C:\Windows\system32\atmlib.dll
2012-12-22 03:00:49 ----A---- C:\Windows\system32\atmfd.dll
2012-12-22 03:00:48 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-21 13:09:51 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Bioshock
2012-12-19 00:21:28 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-19 00:21:28 ----D---- C:\Program Files\iTunes
2012-12-19 00:21:28 ----D---- C:\Program Files\iPod
2012-12-19 00:21:28 ----D---- C:\Program Files (x86)\iTunes

======List of files/folders modified in the last 1 month======

2013-01-12 14:28:29 ----D---- C:\Windows\Prefetch
2013-01-12 14:28:28 ----D---- C:\Windows\Temp
2013-01-12 14:28:28 ----D---- C:\Program Files\Trend Micro
2013-01-12 14:23:35 ----D---- C:\Program Files (x86)\Steam
2013-01-12 14:21:12 ----D---- C:\Windows\system32\config
2013-01-11 21:40:44 ----D---- C:\Windows\SysWOW64
2013-01-11 21:40:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-01-11 09:47:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-10 09:26:06 ----RD---- C:\Program Files (x86)
2013-01-10 04:04:36 ----D---- C:\Windows\rescache
2013-01-10 03:38:01 ----D---- C:\Windows\Microsoft.NET
2013-01-10 03:37:25 ----RSD---- C:\Windows\assembly
2013-01-10 03:27:37 ----D---- C:\Windows\winsxs
2013-01-10 03:25:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-10 03:25:56 ----D---- C:\Windows\system32\cs-CZ
2013-01-10 03:25:56 ----D---- C:\Windows\System32
2013-01-10 03:25:55 ----D---- C:\Windows\AppPatch
2013-01-10 03:10:13 ----SHD---- C:\Windows\Installer
2013-01-10 03:10:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-10 03:10:00 ----D---- C:\Windows\inf
2013-01-10 03:09:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-10 03:05:30 ----A---- C:\Windows\system32\MRT.exe
2013-01-10 03:00:30 ----SHD---- C:\System Volume Information
2013-01-09 11:03:03 ----D---- C:\Windows\system32\catroot
2013-01-09 11:02:50 ----D---- C:\Windows\system32\catroot2
2013-01-09 00:42:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-08 22:13:23 ----D---- C:\Windows\Logs
2013-01-06 16:42:21 ----D---- C:\Users\Rhonwyn\AppData\Roaming\vlc
2013-01-06 14:55:05 ----SD---- C:\Users\Rhonwyn\AppData\Roaming\Microsoft
2013-01-06 10:47:36 ----D---- C:\Windows\system32\DriverStore
2013-01-06 10:47:36 ----D---- C:\Windows\system32\drivers
2013-01-05 11:49:07 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Bioshock2
2013-01-03 17:51:06 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Skype
2013-01-01 13:01:25 ----D---- C:\Users\Rhonwyn\AppData\Roaming\TS3Client
2012-12-31 09:35:15 ----D---- C:\Windows
2012-12-30 08:46:54 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Apple Computer
2012-12-29 19:12:35 ----D---- C:\Program Files (x86)\Diablo III
2012-12-29 15:06:55 ----RSD---- C:\Windows\Fonts
2012-12-29 15:06:47 ----RD---- C:\Program Files
2012-12-29 15:05:26 ----HD---- C:\ProgramData
2012-12-28 12:15:50 ----D---- C:\Lada
2012-12-26 22:13:15 ----D---- C:\Users\Rhonwyn\AppData\Roaming\Sports Interactive
2012-12-26 22:08:04 ----D---- C:\Program Files (x86)\SEGA
2012-12-26 22:07:34 ----D---- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Pro
2012-12-21 23:29:15 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-12-13 09:23:51 ----D---- C:\Windows\SYSWOW64\migration
2012-12-13 09:23:51 ----D---- C:\Windows\system32\migration
2012-12-13 09:23:51 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-13 09:23:50 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-22 283200]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2011-11-22 78208]
R2 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2012-08-07 141256]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2011-09-28 321536]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2010-12-14 27136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-01-12 25640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2012-06-15 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2012-06-15 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2012-06-15 296576]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-07-31 30528]
S3 itlusbdevice;itlusbdevice; C:\Windows\system32\DRIVERS\itlusbdevice_x64.sys [2010-06-09 69240]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
S3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-12-14 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2010-12-14 24064]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-12-14 58472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB RS-232 Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 hasplms;Sentinel Local License Manager; C:\Windows\system32\hasplms.exe [2012-08-22 4412872]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-08 76888]
R2 Smart TimeLock;Smart TimeLock Service; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Desura Install Service;Desura Install Service; C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-11-02 131912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-01 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-09 115760]
S3 MySQL55;MySQL55; C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\ProgramData\MySQL\MySQL Server 5.5\my.ini MySQL55 []
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-21 541760]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-23 1255736]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: kontrola logu

Napsal: 12 led 2013 18:56
od vyosek
Zdravim :)

:arrow: Tady Brno-Kohoutovice, kam tato rada leti :???: :D :D

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Search
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Re: kontrola logu

Napsal: 12 led 2013 23:03
od Rhonwyn
tady reckovice:)

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 23:01:26
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Rhonwyn - RHONWYN-PC
# Boot Mode : Normal
# Running from : C:\Users\Rhonwyn\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Rhonwyn\Desktop\Search The Web.url
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Rhonwyn\AppData\Local\APN
Folder Found : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4392 octets] - [12/01/2013 23:01:26]

########## EOF - C:\AdwCleaner[R1].txt - [4452 octets] ##########

Re: kontrola logu

Napsal: 12 led 2013 23:09
od vyosek
:arrow: Ja fix, pres cely salingrad, snad zpravy doleti a nezmrznou pac u nas na kopci je zima jak sfina...

:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Delete
  • PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Re: kontrola logu

Napsal: 12 led 2013 23:14
od Rhonwyn
njn do leta daleko, a to nejhorsi pry teprve pred nami :shock:

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 23:10:29
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Rhonwyn - RHONWYN-PC
# Boot Mode : Normal
# Running from : C:\Users\Rhonwyn\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Rhonwyn\Desktop\Search The Web.url
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Rhonwyn\AppData\Local\APN
Folder Deleted : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4515 octets] - [12/01/2013 23:01:26]
AdwCleaner[S1].txt - [4542 octets] - [12/01/2013 23:10:29]

########## EOF - C:\AdwCleaner[S1].txt - [4602 octets] ##########

Re: kontrola logu

Napsal: 12 led 2013 23:23
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: kontrola logu

Napsal: 12 led 2013 23:59
od Rhonwyn
OTL logfile created on: 12.1.2013 23:45:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rhonwyn\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 4,01 Gb Available Physical Memory | 50,27% Memory free
15,97 Gb Paging File | 11,06 Gb Available in Paging File | 69,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 482,56 Gb Free Space | 51,81% Space Free | Partition Type: NTFS
Drive E: | 1,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: RHONWYN-PC | User Name: Rhonwyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013.01.12 23:24:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rhonwyn\Downloads\OTL.exe
PRC - [2013.01.08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.12.10 17:29:46 | 002,254,768 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.12.08 19:29:26 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.30 22:18:15 | 003,492,504 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.09.13 00:38:44 | 000,204,136 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2012.09.13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.01.15 03:58:30 | 004,431,328 | ---- | M] (Thorvald Natvig) -- C:\Program Files (x86)\Mumble\mumble.exe
PRC - [2011.01.26 16:28:46 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010.04.22 14:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009.06.17 15:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.08 01:06:22 | 000,460,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll
MOD - [2013.01.08 01:06:21 | 012,459,624 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013.01.08 01:06:19 | 004,012,648 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013.01.08 01:05:29 | 000,598,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013.01.08 01:05:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013.01.08 01:05:25 | 001,553,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012.12.28 23:20:32 | 000,025,160 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\wolfet.dll
MOD - [2012.12.28 23:20:31 | 000,071,752 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\manual.dll
MOD - [2012.12.28 23:20:31 | 000,032,840 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\ut99.dll
MOD - [2012.12.28 23:20:31 | 000,031,816 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\wow.dll
MOD - [2012.12.28 23:20:31 | 000,031,304 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\tf2.dll
MOD - [2012.12.28 23:20:31 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\ut3.dll
MOD - [2012.12.28 23:20:30 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\hl2dm.dll
MOD - [2012.12.28 23:20:30 | 000,032,184 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\l4d2.dll
MOD - [2012.12.28 23:20:30 | 000,023,624 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\sto.dll
MOD - [2012.12.28 23:20:30 | 000,023,624 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\etqw.dll
MOD - [2012.12.28 23:20:30 | 000,023,112 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\lol.dll
MOD - [2012.12.28 23:20:30 | 000,022,600 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\lotro.dll
MOD - [2012.12.28 23:20:30 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\ut2004.dll
MOD - [2012.12.28 23:20:29 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\dys.dll
MOD - [2012.12.28 23:20:29 | 000,023,624 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\cod4.dll
MOD - [2012.12.28 23:20:29 | 000,023,112 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\gw.dll
MOD - [2012.12.28 23:20:29 | 000,022,968 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\l4d.dll
MOD - [2012.12.28 23:20:29 | 000,022,600 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\cs.dll
MOD - [2012.12.28 23:20:29 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\codmw2.dll
MOD - [2012.12.28 23:20:29 | 000,020,552 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\jc2.dll
MOD - [2012.12.28 23:20:29 | 000,019,384 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\link.dll
MOD - [2012.12.28 23:20:28 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\insurgency.dll
MOD - [2012.12.28 23:20:28 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\dods.dll
MOD - [2012.12.28 23:20:28 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\css.dll
MOD - [2012.12.28 23:20:28 | 000,022,600 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\blacklight.dll
MOD - [2012.12.28 23:20:28 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\gtaiv.dll
MOD - [2012.12.28 23:20:28 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\codmw2so.dll
MOD - [2012.12.28 23:20:28 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\cod5.dll
MOD - [2012.12.28 23:20:28 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\cod2.dll
MOD - [2012.12.28 23:20:28 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bfbc2.dll
MOD - [2012.12.28 23:20:27 | 000,038,984 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bf2.dll
MOD - [2012.12.28 23:20:27 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\gmod.dll
MOD - [2012.12.28 23:20:27 | 000,037,960 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\aoc.dll
MOD - [2012.12.28 23:20:27 | 000,036,632 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bf3.dll
MOD - [2012.12.28 23:20:27 | 000,024,136 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\borderlands.dll
MOD - [2012.12.28 23:20:27 | 000,022,600 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bf2142.dll
MOD - [2012.12.28 23:20:27 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\breach.dll
MOD - [2012.12.28 23:20:27 | 000,020,552 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bfheroes.dll
MOD - [2012.12.28 23:20:26 | 000,021,064 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\bf1942.dll
MOD - [2012.12.28 23:20:26 | 000,020,552 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Mumble\Plugins\arma2.dll
MOD - [2012.11.30 22:18:31 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll
MOD - [2012.09.13 00:39:18 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012.09.13 00:38:52 | 007,955,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2012.09.13 00:38:52 | 000,341,352 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2012.09.13 00:38:52 | 000,127,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2012.09.13 00:38:52 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2012.09.13 00:38:44 | 002,144,104 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2012.09.13 00:38:20 | 000,264,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.02.19 13:47:20 | 000,168,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\speex.dll
MOD - [2011.02.19 13:47:14 | 000,129,192 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2011.02.19 13:47:08 | 000,079,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.7.0.sse2.dll
MOD - [2011.02.19 13:46:56 | 000,094,888 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.11.0.sse2.dll
MOD - [2011.01.26 16:28:04 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\hydracsy.dll
MOD - [2011.01.10 19:32:04 | 001,070,760 | ---- | M] () -- C:\Program Files (x86)\Mumble\libprotobuf.dll
MOD - [2011.01.10 19:30:54 | 000,042,152 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll
MOD - [2011.01.10 19:30:40 | 000,308,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll
MOD - [2011.01.10 19:30:28 | 000,027,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll
MOD - [2011.01.10 19:30:18 | 000,246,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll
MOD - [2011.01.10 19:30:08 | 000,208,552 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll
MOD - [2011.01.10 19:29:58 | 000,034,472 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll
MOD - [2011.01.10 19:29:48 | 000,032,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll
MOD - [2011.01.10 19:21:10 | 008,223,744 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtGui4.dll
MOD - [2010.12.04 15:47:38 | 000,957,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtNetwork4.dll
MOD - [2010.11.09 21:46:08 | 000,271,360 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSvg4.dll
MOD - [2010.11.09 21:39:20 | 000,691,712 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtOpenGL4.dll
MOD - [2010.11.09 21:24:58 | 000,679,936 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSql4.dll
MOD - [2010.11.09 21:05:58 | 000,342,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtXml4.dll
MOD - [2010.11.09 21:05:46 | 002,343,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtCore4.dll
MOD - [2010.10.04 01:50:48 | 002,259,968 | ---- | M] () -- C:\Program Files (x86)\Mumble\libsndfile-1.dll
MOD - [2010.07.09 07:41:42 | 002,359,296 | ---- | M] () -- C:\Program Files (x86)\Mumble\libmysql.dll
MOD - [2009.09.09 15:28:56 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\zlib1.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012.12.10 07:24:16 | 009,723,392 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL55)
SRV:64bit: - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.22 10:01:18 | 004,412,872 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.09.14 04:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009.09.14 04:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.01.09 17:55:18 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.09 00:42:12 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.21 09:51:55 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.12.10 17:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.12.08 19:29:26 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.11.02 21:59:22 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.07.16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.11.21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.06.17 15:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:55 | 000,021,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.09.21 20:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 20:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.08.22 08:06:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.07 09:51:18 | 000,141,256 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.06.15 07:39:36 | 000,296,576 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2012.06.15 05:44:14 | 000,057,088 | ---- | M] (SafeNet Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2012.06.15 05:44:14 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.22 13:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011.09.28 14:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011.03.18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 12:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 10:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 10:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.13 12:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 17:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.12.14 04:54:12 | 000,058,472 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010.12.14 04:54:12 | 000,058,472 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010.12.14 04:54:12 | 000,027,136 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010.12.14 04:54:12 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.21 08:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.06.09 11:37:24 | 000,069,240 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\itlusbdevice_x64.sys -- (itlusbdevice)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.05.14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2013.01.12 23:11:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.07.31 07:02:27 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes\{54C46DCC-BF7D-47ec-AD43-43CE46B2B141}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.09 17:55:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.09 17:55:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.11.26 22:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rhonwyn\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - Extension: Disk Google = C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\Rhonwyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (GBHO.BHO) - {45d30484-7ded-43d9-957a-d2fd1f046511} - mscoree.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Smart Recovery 2) - {1d09c093-f71e-43c3-b948-19316cbd695e} - mscoree.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_S7881.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBD58730-78D8-4749-9943-3E342BC8598D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\TSpkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\LIVESSP.DLL (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\TSpkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\LIVESSP.DLL (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.28 23:58:22 | 000,000,082 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3d06ed13-41fa-11e2-b177-1c6f65d964fc}\Shell - "" = AutoRun
O33 - MountPoints2\{3d06ed13-41fa-11e2-b177-1c6f65d964fc}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{6714b959-d872-11e1-99c9-1c6f65d964fc}\Shell - "" = AutoRun
O33 - MountPoints2\{6714b959-d872-11e1-99c9-1c6f65d964fc}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2012.11.28 23:58:22 | 001,199,128 | R--- | M] (Beamdog )
O33 - MountPoints2\{8d3a380c-ec27-11e1-99f0-1c6f65d964fc}\Shell - "" = AutoRun
O33 - MountPoints2\{8d3a380c-ec27-11e1-99f0-1c6f65d964fc}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2012.11.28 23:58:22 | 001,199,128 | R--- | M] (Beamdog )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Re: kontrola logu

Napsal: 13 led 2013 00:00
od Rhonwyn
========== Files/Folders - Created Within 7 Days ==========

[2013.01.10 15:21:14 | 000,000,000 | ---D | C] -- C:\Users\Rhonwyn\Desktop\ales
[2013.01.10 03:07:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.01.09 17:55:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.09 11:04:23 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 11:04:23 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 11:04:01 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 11:03:58 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 11:03:47 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 11:03:47 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 11:03:47 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 11:03:47 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 11:03:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 11:03:47 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 11:03:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 11:03:47 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 11:03:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 11:03:47 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 11:03:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 11:03:47 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 11:03:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 11:03:47 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 11:03:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 11:03:47 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 11:03:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 11:03:47 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 11:03:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 11:03:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 11:03:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 11:03:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 11:03:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 11:03:47 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 11:03:46 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 11:03:46 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 11:03:46 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 11:03:46 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 11:03:46 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 11:03:46 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 11:03:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 11:03:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 11:03:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 11:03:20 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 11:03:20 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 11:03:20 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 11:03:20 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 11:03:20 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 11:03:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 11:03:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 11:03:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 11:03:20 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 11:03:20 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 11:03:20 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 11:03:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 11:03:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 11:03:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 11:03:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 11:03:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 11:03:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 11:03:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 11:03:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 11:03:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 11:03:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 11:03:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 11:03:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 11:03:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 11:03:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 11:03:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 11:03:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 11:03:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.08 22:14:13 | 000,000,000 | ---D | C] -- C:\Users\Rhonwyn\AppData\Local\SCE
[2013.01.06 13:53:12 | 000,000,000 | ---D | C] -- C:\Users\Rhonwyn\Desktop\pole2
[2013.01.06 10:50:37 | 000,000,000 | ---D | C] -- C:\Users\Rhonwyn\AppData\Roaming\PIPSDATA
[2013.01.06 10:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PIPS
[2013.01.06 10:50:21 | 000,000,000 | ---D | C] -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ITL Smart Tools

========== Files - Modified Within 7 Days ==========

[2013.01.12 23:42:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.12 23:27:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.12 23:19:19 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.12 23:19:19 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.12 23:17:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.12 23:11:56 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.12 23:11:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.01.12 23:11:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.12 23:11:30 | 2134,204,415 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.12 14:22:27 | 000,002,255 | ---- | M] () -- C:\Users\Rhonwyn\Desktop\Google Chrome.lnk
[2013.01.11 21:40:40 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.01.11 21:40:40 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.01.11 21:40:14 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.01.10 03:27:11 | 000,297,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.10 03:10:07 | 001,587,146 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.10 03:10:07 | 000,678,074 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.01.10 03:10:07 | 000,663,818 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 03:10:07 | 000,143,820 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.01.10 03:10:07 | 000,124,800 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 03:09:58 | 001,587,146 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.09 00:42:11 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 00:42:11 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013.01.12 23:27:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.06 10:46:30 | 000,069,240 | ---- | C] () -- C:\Windows\SysNative\drivers\itlusbdevice_x64.sys
[2012.09.21 20:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 20:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 20:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.09.21 10:38:35 | 000,000,359 | ---- | C] () -- C:\Users\Rhonwyn\Počítač – zástupce.lnk
[2012.09.10 20:52:55 | 001,587,146 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.22 17:02:20 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.22 17:02:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.22 11:21:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.22 11:16:00 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.07.22 10:45:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012.07.22 10:40:32 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.06.11 17:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 17:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.11.09 11:42:08 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Audacity
[2012.12.23 23:51:23 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Bioshock
[2013.01.05 11:49:07 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Bioshock2
[2012.10.11 13:13:03 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite
[2012.12.26 22:07:34 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Pro
[2012.12.26 16:00:50 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DarksporeData
[2012.11.01 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Day 1 Studios
[2013.01.05 23:11:12 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\EVE IPH
[2012.08.02 19:56:41 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\GetRightToGo
[2012.07.22 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\GHISLER
[2012.10.31 11:17:30 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Kalypso Media
[2012.11.11 15:30:02 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Leadertech
[2012.11.23 23:55:31 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Lionhead Studios
[2013.01.12 23:42:33 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Mumble
[2012.12.29 15:11:28 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\MySQL
[2012.08.12 20:48:56 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\OpenOffice.org
[2012.11.30 22:19:19 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Origin
[2012.12.08 19:12:14 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PhotoFiltre 7
[2012.09.23 15:43:55 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PhotoFiltre Studio X
[2013.01.06 10:50:37 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PIPSDATA
[2012.08.02 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PunkBuster
[2012.09.13 07:48:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Splashtop
[2012.08.22 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\SPORE
[2012.12.26 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Sports Interactive
[2012.09.14 15:15:52 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\TeamViewer
[2012.11.26 22:47:14 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Thunderbird
[2013.01.01 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\TS3Client

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,636 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.09 16:24:46 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.01 15:12:37 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.01 15:12:38 | 000,000,954 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

Re: kontrola logu

Napsal: 13 led 2013 00:00
od Rhonwyn
< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.10 13:45:10 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Adobe
[2012.12.30 08:46:54 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Apple Computer
[2012.07.22 11:22:59 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\ATI
[2012.11.09 11:42:08 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Audacity
[2012.12.23 23:51:23 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Bioshock
[2013.01.05 11:49:07 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Bioshock2
[2012.10.11 13:13:03 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite
[2012.12.26 22:07:34 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DAEMON Tools Pro
[2012.12.26 16:00:50 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\DarksporeData
[2012.11.01 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Day 1 Studios
[2013.01.05 23:11:12 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\EVE IPH
[2012.08.02 19:56:41 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\GetRightToGo
[2012.07.22 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\GHISLER
[2012.09.23 15:25:02 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Identities
[2012.07.22 10:45:33 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\InstallShield
[2012.10.31 11:17:30 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Kalypso Media
[2012.11.11 15:30:02 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Leadertech
[2012.11.23 23:55:31 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Lionhead Studios
[2012.07.22 11:46:22 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Macromedia
[2011.04.12 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Media Center Programs
[2013.01.06 14:55:05 | 000,000,000 | --SD | M] -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft
[2012.09.18 11:49:29 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft Corporation
[2012.11.26 22:47:15 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Mozilla
[2013.01.12 23:42:33 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Mumble
[2012.12.29 15:11:28 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\MySQL
[2012.08.12 20:48:56 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\OpenOffice.org
[2012.11.30 22:19:19 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Origin
[2012.12.08 19:12:14 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PhotoFiltre 7
[2012.09.23 15:43:55 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PhotoFiltre Studio X
[2013.01.06 10:50:37 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PIPSDATA
[2012.08.02 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\PunkBuster
[2012.10.31 16:13:43 | 000,000,000 | RH-D | M] -- C:\Users\Rhonwyn\AppData\Roaming\SecuROM
[2013.01.03 17:51:06 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Skype
[2012.09.13 07:48:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Splashtop
[2012.08.22 17:18:55 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\SPORE
[2012.12.26 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Sports Interactive
[2012.10.15 20:09:39 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\SUPERAntiSpyware.com
[2012.09.14 15:15:52 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\TeamViewer
[2012.11.26 22:47:14 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\Thunderbird
[2013.01.01 13:01:25 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\TS3Client
[2013.01.06 16:42:21 | 000,000,000 | ---D | M] -- C:\Users\Rhonwyn\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2013.01.10 22:31:41 | 001,303,040 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\EVE IPH\EVE Isk per Hour\EVEIPH\EVE Isk per Hour.exe
[2012.12.04 17:09:08 | 000,054,784 | ---- | M] (Home) -- C:\Users\Rhonwyn\AppData\Roaming\EVE IPH\EVE Isk per Hour\EVEIPH\EVEIPH Updater.exe
[2012.12.29 15:05:28 | 000,048,514 | R--- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Installer\{236FF571-7197-40E9-921D-D5FDC752C697}\InstallerIcon.exe
[2013.01.06 10:50:21 | 000,018,718 | R--- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Installer\{34625CCD-CADB-470A-B591-1914C2E62EFE}\_47184834.exe
[2012.11.11 15:30:01 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.07.29 15:19:26 | 000,010,134 | R--- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2011.10.18 19:47:26 | 003,123,272 | ---- | M] () -- C:\Users\Rhonwyn\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.01.12 23:42:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.12 23:11:56 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.12 23:17:01 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.10 03:10:07 | 001,587,146 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2013.01.11 21:40:14 | 000,280,904 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2013.01.11 21:40:40 | 000,281,520 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe
[2013.01.11 21:40:40 | 000,281,520 | ---- | M] () -- C:\Windows\system32\PnkBstrB.xtr

< %SYSTEMDRIVE%\*.exe >
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM Startup" = C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup -- [2005.02.17 06:15:22 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"EPSON SX218 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_S7881.tmp" /EF "HKCU"
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2012.04.26 13:33:38 | 003,111,744 | ---- | M] (DT Soft Ltd)
"Steam" = "C:\Program Files (x86)\Steam\Steam.exe" -silent -- [2012.12.03 23:07:23 | 001,354,736 | ---- | M] (Valve Corporation)
"EADM" = "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart -- [2012.11.30 22:18:15 | 003,492,504 | ---- | M] (Electronic Arts)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 04:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"HydraVisionDesktopManager" = "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" -- [2011.01.26 16:28:46 | 000,393,216 | ---- | M] (AMD)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.01.08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.) MD5=CC19B60A901A415624F5771F1F0A6060 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.12 23:27:29 | 000,000,512 | ---- | M] () MD5=1239DA8D23E30211A32FB6411E8EAEB8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.08.28 19:11:08 | 000,027,800 | ---- | M] () -- \Program Files (x86)\Desura\Common\Project Zomboid\media\sound\crackwood.ogg
[2012.10.11 10:38:23 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2012.10.11 10:37:46 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2012.10.11 10:39:40 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2012.10.11 10:37:46 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2012.10.11 10:38:16 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2012.10.11 10:37:46 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2012.10.11 10:39:12 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2012.10.11 10:38:54 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2012.10.11 10:38:17 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2012.10.11 10:38:05 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2012.10.11 10:38:17 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2012.10.11 10:38:49 | 000,017,491 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\Editor\IconCache\AdvMapTile\MapObjects\_(AdvMapTile)\Sand\Sand_Cracked
[2012.08.22 17:06:06 | 006,811,322 | ---- | M] () -- \Users\Rhonwyn\Downloads\SPORE-Galactic-Adventures-CRACK-+-CD-KEY-[Upload-by-DoDgeMan].rar
[2009.03.05 11:17:35 | 009,378,612 | ---- | M] () -- \Users\Rhonwyn\Downloads\Drum and Bass Collection 8 (2009)\Silent Killer - Crack Anthem.mp3

< *keygen* /s >

< *loader* /s >
[2008.02.17 23:02:54 | 000,253,691 | ---- | M] () -- \Program Files (x86)\BestGameEver\Audiosurf\engine\Preloader.cgr
[2008.02.17 23:02:44 | 000,000,878 | ---- | M] () -- \Program Files (x86)\BestGameEver\Audiosurf\engine\Preloader_config.xml
[2008.02.17 23:02:26 | 000,016,384 | ---- | M] () -- \Program Files (x86)\BestGameEver\Audiosurf\engine\channels\FileLoader.dll
[2012.08.27 20:33:18 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.09.11 08:18:45 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.11.02 21:59:24 | 001,154,888 | ---- | M] () -- \Program Files (x86)\Desura\bin\crashuploader.dll
[2011.08.28 19:11:08 | 000,000,576 | ---- | M] () -- \Program Files (x86)\Desura\Common\Project Zomboid\.metadata\.plugins\org.eclipse.debug.core\.launches\FrameLoader.launch
[2011.09.06 19:11:09 | 000,004,671 | ---- | M] () -- \Program Files (x86)\Desura\Common\Project Zomboid\zombie\FrameLoader.class
[2006.01.02 09:10:42 | 000,049,152 | ---- | M] () -- \Program Files (x86)\Futuremark\3DMark06\PhysXLoader.dll
[2012.04.19 07:47:30 | 000,006,081 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.04.13 11:00:14 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.04.19 07:50:38 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.04.13 11:00:00 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.04.19 03:08:12 | 000,003,867 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2011.10.31 13:57:08 | 000,000,483 | ---- | M] () -- \Program Files (x86)\SEGA\Football Manager 2012\Editor\Editor.app\Contents\lib\Chromium Framework.framework\Resources\nacl_loader.sb
[2011.10.31 13:57:08 | 000,000,483 | ---- | M] () -- \Program Files (x86)\SEGA\Football Manager 2012\Resource Archiver\Resource Archiver.app\Contents\lib\Chromium Framework.framework\Resources\nacl_loader.sb
[2012.11.05 16:11:20 | 000,000,483 | ---- | M] () -- \Program Files (x86)\SEGA\Football Manager 2013\fm.app\Contents\lib\Chromium Framework.framework\Resources\nacl_loader.sb
[2012.10.17 22:44:21 | 000,058,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2012.11.16 22:06:05 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2012.11.16 22:06:05 | 000,000,916 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2012.11.16 22:06:20 | 000,000,916 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2012.11.16 22:06:07 | 000,002,656 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2012.11.16 22:06:05 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2012.11.16 22:06:03 | 000,000,852 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2012.11.16 22:06:07 | 000,000,852 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2012.11.16 22:06:07 | 000,002,868 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2012.11.16 22:06:05 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2012.11.16 22:06:18 | 000,000,876 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2012.11.16 22:06:10 | 000,000,876 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2012.11.16 22:06:20 | 000,002,706 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2012.11.16 22:06:05 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2012.11.16 22:06:18 | 000,000,856 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2012.11.16 22:06:03 | 000,000,856 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2012.11.16 22:06:18 | 000,002,754 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2012.11.16 22:06:05 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2012.11.16 22:06:10 | 000,000,748 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2012.11.16 22:06:18 | 000,000,748 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2012.11.16 22:06:05 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2012.11.16 22:06:03 | 000,000,222 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2012.11.16 22:06:18 | 000,002,636 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2012.10.17 22:44:03 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2012.10.17 22:49:42 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2012.10.17 22:43:59 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2012.10.17 22:49:42 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2012.10.17 22:43:56 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2012.10.17 22:44:24 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2012.10.17 22:44:05 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2012.10.17 22:44:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2012.10.17 22:44:05 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2012.10.17 22:49:44 | 000,004,418 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2012.10.17 22:43:59 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2012.10.17 22:44:03 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2012.10.17 22:49:42 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2012.10.17 22:43:59 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2012.10.17 22:49:42 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2012.10.17 22:43:56 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2012.10.17 22:44:24 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2012.10.17 22:44:05 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2012.10.17 22:44:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2012.10.17 22:44:05 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2012.10.17 22:44:01 | 000,004,550 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2012.10.17 22:43:59 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2012.10.17 22:44:03 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2012.10.17 22:49:42 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2012.10.17 22:43:59 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2012.10.17 22:49:42 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2012.10.17 22:43:56 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2012.10.17 22:44:24 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2012.10.17 22:44:05 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2012.10.17 22:44:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2012.10.17 22:44:05 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2012.10.17 22:44:13 | 000,004,486 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2012.10.17 22:43:59 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2012.10.17 22:44:03 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2012.10.17 22:49:42 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2012.10.17 22:43:59 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2012.10.17 22:49:42 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2012.10.17 22:43:56 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2012.10.17 22:44:24 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2012.10.17 22:44:05 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2012.10.17 22:44:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2012.10.17 22:44:05 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2012.10.17 22:44:08 | 000,004,558 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2012.10.17 22:43:59 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2012.10.17 22:44:03 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2012.10.17 22:49:42 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2012.10.17 22:43:59 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2012.10.17 22:49:42 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2012.10.17 22:43:56 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2012.10.17 22:44:24 | 000,000,228 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2012.10.17 22:44:05 | 000,000,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2012.10.17 22:44:04 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2012.10.17 22:44:05 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2012.10.17 22:44:24 | 000,000,226 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2012.10.17 22:49:44 | 000,004,418 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2012.10.17 22:43:59 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2012.12.14 20:42:30 | 000,000,892 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ESN\GD_Sage_Pop_Loader.ESN
[2012.12.14 20:42:39 | 000,000,874 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\FRA\GD_Sage_Pop_Loader.FRA
[2012.12.14 20:42:43 | 000,000,898 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ITA\GD_Sage_Pop_Loader.ITA
[2012.10.17 20:13:19 | 003,465,909 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2012.10.17 20:53:28 | 000,032,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2012.10.17 22:47:11 | 000,001,140 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2012.10.17 22:47:26 | 000,000,504 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2012.10.17 22:47:27 | 000,009,492 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2012.10.17 22:47:05 | 000,001,072 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2012.10.17 22:47:27 | 000,000,518 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2012.10.17 22:47:31 | 000,009,746 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2012.10.17 22:50:29 | 000,001,098 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2012.10.17 22:50:30 | 000,000,514 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2012.10.17 22:50:31 | 000,009,610 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2012.10.17 22:47:56 | 000,001,068 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2012.10.17 22:48:17 | 000,000,530 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2012.10.17 22:50:35 | 000,009,798 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2012.10.17 22:48:41 | 000,000,946 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2012.10.17 22:49:19 | 000,000,502 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2012.10.17 22:48:46 | 000,009,486 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2012.12.26 15:57:02 | 000,057,856 | R--- | M] () -- \Program Files (x86)\Steam\steamapps\common\Darkspore\DarksporeBin\PhysXLoader.dll
[2012.12.09 13:22:17 | 000,064,280 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Doctor Who Eternity Clock\Binaries\Win32\PhysXLoader.dll
[2012.09.08 12:53:19 | 000,058,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Eve Online\bin\PhysXLoader.dll
[2012.12.30 22:50:08 | 000,000,483 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Football Manager 2013\fm.app\Contents\lib\Chromium Framework.framework\Resources\nacl_loader.sb
[2012.11.30 00:19:43 | 000,142,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\APEX_Loader_x86.dll
[2012.06.05 18:24:09 | 000,290,816 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\wws_crashreport_uploader.exe
[2012.01.30 18:36:40 | 000,293,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
[2012.09.17 07:40:14 | 000,022,574 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\the witcher 2\CookedPC\globals\gui\loadingscreens\loader.swf
[2012.11.23 09:26:02 | 000,058,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\PhysXLoader.dll
[2012.05.18 07:17:58 | 005,297,152 | ---- | M] () -- \Program Files (x86)\Teco\Mosaic\Utils\TecoUtils\ProjectLoader\ProjectLoader.exe
[2011.10.30 06:10:18 | 000,234,616 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ubiorbitapi_r2_loader.dll
[2011.10.30 06:10:24 | 000,169,080 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\uplay_r1_loader.dll
[2012.08.02 18:37:29 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.12.15 21:26:26 | 000,006,231 | ---- | M] () -- \Program Files (x86)\World of Warcraft\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.lua
[2012.12.15 21:26:26 | 000,000,875 | ---- | M] () -- \Program Files (x86)\World of Warcraft\Interface\AddOns\AtlasLoot_Loader\AtlasLoot_Loader.toc
[2013.01.12 23:29:49 | 000,000,117 | ---- | M] () -- \Program Files (x86)\World of Warcraft\WTF\Account\SHAMEEKA\SavedVariables\AtlasLoot_Loader.lua
[2012.10.08 15:34:18 | 000,000,078 | ---- | M] () -- \Program Files (x86)\World of Warcraft\WTF\Account\SHAMEEKA\SavedVariables\AtlasLoot_Loader.lua.bak
[2012.08.17 14:19:39 | 000,001,463 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Mosaic\Project Loader.lnk
[2012.08.17 14:19:41 | 000,001,539 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Mosaic\Documentation\Project Loader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.08.17 14:19:39 | 000,001,463 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Mosaic\Project Loader.lnk
[2012.08.17 14:19:41 | 000,001,539 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Mosaic\Documentation\Project Loader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.21 10:05:38 | 000,002,120 | ---- | M] () -- \Users\Public\Desktop\MP3 Downloader.lnk
[2013.01.02 17:42:33 | 000,105,903 | ---- | M] () -- \Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TC3YDAN\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.01.02 17:42:33 | 000,000,753 | ---- | M] () -- \Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\AdLoader[1].htm
[2012.07.17 13:18:16 | 000,009,051 | ---- | M] () -- \Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 13:18:16 | 000,016,119 | ---- | M] () -- \Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 13:18:16 | 000,018,434 | ---- | M] () -- \Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.17 13:18:16 | 000,009,283 | ---- | M] () -- \Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.17 13:18:16 | 000,001,898 | ---- | M] () -- \Users\Rhonwyn\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.11.11 15:25:35 | 000,373,448 | ---- | M] () -- \Users\Rhonwyn\Downloads\SoftonicDownloader_for_logitech-webcam-software.exe
[2012.08.06 15:36:26 | 000,011,880 | ---- | M] () -- \Users\Rhonwyn\Downloads\Projekty\mysql connector\Source\MySql.Data\BulkLoader.cs
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 09:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 09:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 09:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 09:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 09:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.07.23 08:25:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.07.23 08:25:31 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.07.23 08:25:31 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.07.23 08:25:31 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.07.23 08:25:31 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 09:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc

< End of report >

Re: kontrola logu

Napsal: 13 led 2013 00:00
od Rhonwyn
OTL Extras logfile created on: 12.1.2013 23:45:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rhonwyn\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 4,01 Gb Available Physical Memory | 50,27% Memory free
15,97 Gb Paging File | 11,06 Gb Available in Paging File | 69,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 482,56 Gb Free Space | 51,81% Space Free | Partition Type: NTFS
Drive E: | 1,62 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: RHONWYN-PC | User Name: Rhonwyn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E151A3E-008D-4739-9EA4-61B24BE46DD3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1206E721-3704-420E-A9CB-9C9A23BA00A7}" = lport=443 | protocol=6 | dir=in | app=system |
"{1CED1843-9E6D-4B06-A5B9-9B70816932D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{2050976E-0F97-4A08-AB1D-CB984FC42277}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36B9098B-FFF4-4810-83CA-101E3E49D690}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3DF2675F-0FF0-4DC1-94C2-F2051BEE818A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{40DADA5E-1508-493D-BA36-143130C95E7F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5F7B6A27-1366-4AEE-AD02-FF1795561DF3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{61B41DB8-C945-4774-B11C-CBF5EF6233AB}" = lport=137 | protocol=17 | dir=in | app=system |
"{6F8012A3-8015-4999-AC71-BBC8897DCE38}" = lport=138 | protocol=17 | dir=in | app=system |
"{770DA2E5-85ED-42EF-A72E-58D24F71289F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83A79B13-7B1C-4CF7-8680-C69D18F9260A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8A7D1A31-3FD1-4D58-BA10-787C9B9F813C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8FF32B1F-3C7B-49D5-B0D3-9EAC2F353128}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9EACA873-13A8-4160-928F-D2FDE17E09A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A22F5BD2-6EF0-467A-83EA-B08C09C8B79E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4463D7A-F733-4A5E-9F62-EF5361900825}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8D7D1AA-F3CE-4556-824B-AE25BE1220EE}" = lport=139 | protocol=6 | dir=in | app=system |
"{D2A845A1-4EA9-4ECD-BBCA-82C1A156FFDE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D79951C3-BE75-4A1A-97CC-0DEBB9E3F6EC}" = rport=138 | protocol=17 | dir=out | app=system |
"{D882126E-77B0-4BE1-A87A-55A0EDBAFED0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA836B02-D8EB-4570-9326-F4BFD47363DC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E8350B21-4AF7-4F1F-921B-62210BCE0FA4}" = lport=445 | protocol=6 | dir=in | app=system |
"{EE50B751-4F1C-41CA-9378-19B1ADE62499}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE6409BA-6C3D-449B-BA0A-A529CD22D8C1}" = rport=445 | protocol=6 | dir=out | app=system |
"{F5DE1DE1-431E-4359-83A6-861B9A1C4B3D}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0088AA0E-55F5-4060-93E3-D2F9E9B04284}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{0478C612-3602-4CC8-A92B-8F053EA9F19A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{08F049CB-A8C7-4139-B915-BF809CF326E1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{09E7895A-9358-4FA2-AAA1-9B1F5447A361}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0A5C60F2-A6E7-45FD-8731-5453777ABE07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0AB7BD9C-1382-4110-B385-DBA9D72556EA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{0AE2DA97-1B23-444E-BB6E-A587758A397E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{0B1D28B4-627A-4EE5-81A2-47939093F039}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{0B70DD99-C268-4B30-BBED-665038010089}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fablelauncher.exe |
"{0C627BCC-5D49-45D7-83B0-04D426D2230E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{0E402C75-6CDE-4850-BCB2-9F6770C5E299}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0FB5F4C0-4618-466F-B725-1AA42E54941E}" = protocol=6 | dir=out | app=system |
"{11E6CCFF-C274-41F6-9CB9-4F3D06911A8E}" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe |
"{1338556B-6487-4C61-A7A7-BFB2C650869E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{139B27EA-DC38-4F09-8774-C9327671B833}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1611147C-7978-4F02-9387-F4B344C97793}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{17FD21F4-D0C3-4105-BF83-67E1CE6405DF}" = protocol=6 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe |
"{1891FC74-04BC-469A-B392-4136F429E9BB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{19D7151B-02DE-43BA-8278-6A72173D509D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1B13A6D5-386A-4C49-B8F8-1BA11509783F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{1C1E7FF2-6567-4F52-B966-97661005F7D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{1C5ECEC2-A122-4457-844B-66CEFADDB685}" = protocol=17 | dir=in | app=c:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe |
"{1C696AB9-862D-46C9-8A6F-77128D9804AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1D17F79F-68CE-4B5D-A182-6C8040A10095}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |
"{1D241A6D-D405-469D-95C4-6DF80F614489}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore\darksporebin\darkspore.exe |
"{1D9DE0A3-2328-4462-BA7D-B0D6FDA2016A}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1EF18361-E923-4A6F-8BCD-8108B3290F1B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{237FC338-5E6C-4101-8391-078ED811A1E2}" = protocol=6 | dir=in | app=c:\users\rhonwyn\desktop\pokus\cash_ds.exe |
"{23A80AC9-E9F0-44D1-BC15-5D0FC2292222}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{251FBE46-C9EA-4214-A255-837E70C9E0B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{258DC9A8-6754-469E-8224-3E78C2A55BCB}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"{26D54CD9-DA08-468B-AC54-EAA4231713BB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{26F63597-2871-4F80-AAEE-C0BF97FE93EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{28BC6F53-09DE-4D89-BCBD-DAAEE9982F82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{2948BEB7-9216-4437-899C-630E0F886539}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{2C458EDC-E149-468C-8211-CC66F81C3947}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CDFBDB1-10CD-4E40-BEC2-59E517CB7EFA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{2E111182-6C63-4B0F-AD8E-26DAB26913E5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{2F0B2F4E-C1DD-48A5-BFD1-355409D953F2}" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe |
"{317BD318-B960-4FC0-8186-3EC399EB612B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\scarygirl\game.exe |
"{319FC7CE-D231-4A13-9547-C5BFB025CAA1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{32F33E2C-F4A1-44D2-AF6D-D8AA265E6D63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eve online\eve.exe |
"{33D27EBD-7405-42C2-B637-4B8BC7F42E01}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{359691F0-14CC-4CD6-92A6-6D0E2C915AE4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35ED9401-00A9-4FDC-BE56-D80CC7D31603}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36EBF357-7C00-4DCE-8BF3-4DBFB8540476}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{37D46980-83A0-45BD-BA73-919BD8420872}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{383B042A-53A2-4365-9464-D5978B8C1B79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{384D5F51-990D-4AE1-BFA6-C936BFFE6985}" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe |
"{3B619D99-69B9-4C54-A123-D3DE54D58E0A}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3BFDC36F-F9EB-461A-B80D-A0FC02058954}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{3CC4F064-A3E4-477F-8C3F-55663A165F37}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CEFBCE1-54BA-473C-B3B5-F080070E967D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3D900174-7CCB-484A-85C0-08184E15D727}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3F71F88C-1CFF-427E-988B-50F79B84BB8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{40E5C134-5102-4FFB-BA23-977DD2C9A4DC}" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe |
"{415A6979-8FBB-4713-861A-861D6DCE3463}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{43921B4D-9A95-4F13-9005-7C79D4964A9E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{43A69467-E9C2-4BFA-89B6-2CB721148744}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{44913009-6E99-4115-AF34-658CC6DBBAE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{44DBCF92-8C14-4F96-87A1-C2A285ABCCB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{45EF6C88-43E7-4346-ACE4-3AA647A8B6C9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{46D45E8C-6B72-4F72-B0F7-18E1E414CB3D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{481ED682-2744-4E34-8612-94AC8742FF2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{485C44B6-B5F0-45C4-8E6D-A474324F792D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\scarygirl\game.exe |
"{49E18144-381D-4700-BD5D-BF5987DD99E2}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{4BE7A132-3BCC-4246-A762-BB65EE922325}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{4E201D63-7CEB-4FD7-A435-B8884DD531A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore\support\ea help\electronic_arts_technical_support.htm |
"{4F26082E-22EA-4335-90A3-824111AA8F56}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{4F51F2FF-D0A4-42BA-8A42-8098CA130F58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{521C0B7E-72AB-4541-A90D-E1DEE15FE80D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{531FA77C-D747-4ECA-9BB2-B524C7BCAB54}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{536F86E4-DBD7-4DA3-8A74-4874B1D5B003}" = protocol=17 | dir=in | app=c:\users\rhonwyn\desktop\pokus\cash_ds.exe |
"{56EC27B2-B2A0-403B-8A16-A96D9F9D9141}" = protocol=17 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe |
"{5824956D-273D-4E1C-A31D-C4E1CD3E89BA}" = dir=in | app=c:\windows\system32\hasplms.exe |
"{58F88152-D437-4D72-9469-1D0CF152BBE6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{5B71B79A-E03C-47F2-8403-01ECAE20ED10}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{5C194D8F-0C3C-48D2-8049-23C5FB4C72F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60392289-52CA-4BCC-BC1D-40AF14C0E9E5}" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe |
"{64B9D7FC-F4A6-42AF-A47B-AE592563F90F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{65E0CDF4-A842-40D9-A6B1-6536FC6D0DC1}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{674E3D97-2F57-4B0F-BF8A-36AC47142693}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
"{689D5DBA-71F0-40B0-955F-BDE6A8F192BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6BD56B8B-AEE3-48EB-BE19-05D624493E40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6D82EDC7-34B4-4944-9BA6-C1CC8E51F610}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{6E684C9F-B1A6-4384-BD04-B1F345860E22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{6ED3E404-B450-4217-829B-064EA662D00B}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{7052CBAE-E44A-429C-87D8-01D2AA806964}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{711F9860-49F6-4676-832C-752B5AD6EA71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zombie bowl-o-rama\zombie bowl-o-rama.exe |
"{743AF105-BAA9-4C20-907F-8BBC0AA133D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas enplczru\falloutnvlauncher.exe |
"{74CB5780-7932-4B59-8152-EC07CDF689ED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{74EA8FB8-F594-4E7D-85D0-B28BE0C38EA9}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{7507A2A8-A950-4FE5-BAA1-0F160AB5496F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7589ADE5-698B-47A3-8966-2E54BFEBEABD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{7625425F-632A-4CCC-9527-3E679147C5E4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{76411A0A-DA90-4CDB-B461-460DCF588230}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"{7936D640-0CDF-47FA-9058-578C7BB858C9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\doctor who eternity clock\binaries\win32\dwtec.exe |
"{7A11E0B0-F7B9-4CAD-AEE6-0D786AEF5206}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{7A502478-67DA-40DE-A53E-F2EA797BB7FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{7C6BD758-CFC7-45CB-9DBD-536A12510858}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{7CB73EBC-9912-475F-B270-BA03F8378D49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{7DF7AB61-FE1F-4173-B412-EDE35385DA60}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{7ECD479C-F99A-4846-80E4-D60B18090A0D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin\origin.exe |
"{803571AB-A5D7-4F3F-A82C-7FA206B6D700}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{829BC2B6-316B-4BA2-9ECE-D2F8B96B4B39}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{82D90ACF-91DC-4100-AC27-B73A7B49D1F7}" = protocol=17 | dir=in | app=c:\program files (x86)\sega\football manager 2012\fm.exe |
"{8441948C-0C66-415C-90EF-B1E76866C4EA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{8861E1E6-D573-4EA2-B3C2-D1467F1EFC7F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{89B992DB-E7B7-4534-8A37-BC397DFDF517}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{92CD5C69-5940-464D-8EF2-A8437EB949CE}" = protocol=58 | dir=in | app=system |
"{93F751AB-8A15-4AB1-BB7F-4066017C323D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
"{94790A55-7CAF-45BA-946E-CEA0CE7E696F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{956203C7-7129-4B4C-A1FE-2032060ABB93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{957E06AA-9E82-44C7-B94E-8F8279145BD0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{95CC14DA-C982-47D7-9164-34DADB392485}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{996CB886-F0B0-4523-8B68-9136B1F5095B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{99C130D9-B955-4015-916E-1B06800EEE2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{9A47B334-7BE1-4181-B950-53B1D8FDDE3B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{9AEF0375-2586-4503-ABB0-57B40E76D65F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{9BFA037D-A3B0-4BF5-B700-B0D7ED70F15B}" = protocol=6 | dir=in | app=c:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe |
"{9C141E11-B08F-4A21-B839-E45510482106}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"{9C86DA81-0D84-4F6E-923C-EF2B2066C03A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F2CCD90-08C2-4E0D-BEE1-F6C5FEDE55F2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A01305DC-0726-4A07-A1AE-591B42FE0C7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A63FE2B9-DDE8-457B-9D1B-91901D92EACA}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{A64BD5FD-D3F3-47D5-9561-2AAF951BBAB5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A7D02D7B-1CBA-4925-A2FD-C9D2CAC3A9C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{A7E7E7D8-EB09-4282-A8DE-CE1E7856E307}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A9164F2F-F703-4A98-8355-143FFB024D4A}" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe |
"{AB9278F7-E713-48CF-B9CA-5CEA57DC5728}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore\darksporebin\darkspore.exe |
"{AC53B922-5461-436C-8AF0-CA230DE42AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{AC6187F6-5B21-4D66-8771-AD900355D4EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space 2\deadspace2.exe |
"{AC91ED7A-6173-427C-A030-1D9E75AC03D0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{AD8B7359-DD00-494F-A796-B88E07171F2A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{AF02F6EA-454E-4230-BB79-F8BDD49F7E7F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{AFE4C88B-95AC-40E2-BF82-D70DBDDD1CA5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFEEB65B-F7D9-4670-A3FE-1DB5E189E0E4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B267298A-5792-4560-A8F0-B8B13CFE2CB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\doctor who eternity clock\binaries\win32\dwtec.exe |
"{B2F2DCA0-5D35-49C5-8D5A-FD14303CFE2C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B49746A4-66C0-4B93-8B33-474EDEA26176}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B5E975A0-512F-4A73-867E-949BF9BF0B04}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fablelauncher.exe |
"{B6AEEF5D-904D-46F1-9997-40CD24F03851}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{B7154B00-FF01-40D3-B6AE-C840DE568DE7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{B8298FA4-239E-40B0-8ECE-E87C85C5ABC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{BA24CD49-A033-4CDB-94F5-8493DA1030AB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{BA253A9D-44EB-4D4C-A050-4062C9DCBDED}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BA5CC110-C43F-46B3-AD64-F6A179B9F948}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{BB95A150-23E7-47CE-9250-9424A3019F62}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{BBB478AE-5489-47DF-B79E-DAA32B84FD9C}" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe |
"{BDA863D3-4078-4983-A48E-33EEBF480038}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{BFC3D7B5-D855-47F5-88AA-32E61E511B7C}" = protocol=6 | dir=in | app=c:\program files (x86)\sega\football manager 2012\fm.exe |
"{C39A5E57-834D-4D77-856E-D1EE37FDF782}" = protocol=6 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe |
"{C6155160-CECC-46E5-A9DE-27AB88299656}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\3switched\3switched.exe |
"{C84A857A-63FA-4369-81E0-437069F3B405}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C904A635-CE72-4BC5-B6A4-290F816A6644}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{CBAE1C14-0D15-4C6E-B6B1-3D5C02C3898B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CC44DC0F-30FD-4D30-BF91-8D9192432682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes of might and magic 5\bin\h5_game.exe |
"{CCFB1F54-F4CF-4CC0-80D3-F754BB4C5FE7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{CD03E944-CD85-4B77-9477-ED21D9F70F9E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CE1DE5E4-AD50-4F7A-A208-9EA7EEFE579C}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{CF7B977D-130D-465E-8E59-6AE1319B0C53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{D24DB0A4-F757-47E6-8F55-EB17F1FA8E0D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D4576193-9F2C-4C05-82D3-650180B6F736}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |
"{D4F39328-99C1-4D74-8068-13E251B50BDC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space 2\deadspace2.exe |
"{D670A06D-9623-4CEE-BA55-96E989BF0A15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6B5C439-AC45-4B8B-A876-003969F96863}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{D6F7068A-BD80-419B-9CC3-273E76AB9C08}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D850DD37-3964-4DB8-802B-3F6889151F6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{D8B4BCDC-52B8-41CB-8E4E-901EDD135BCC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
"{D8F9E3EC-8F82-4F23-A154-8C662A6EEC80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{D9C60B73-F326-4066-8BB3-55635562DFAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{DAF8A73A-5A8C-4F33-93E6-EDD64977CC34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{DB0CE726-F177-4275-9BBD-F5276C38A4E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{DF4E2FC6-8825-48A3-BC85-771C04EA1B6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{DF79C17B-6675-44F4-9BDE-DDDCE9B92A52}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{E0903163-3087-41D9-9243-1D8A7A94946E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{E0E886E1-F17D-4B56-B681-AD711F4952EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space 2\support\ea help\electronic_arts_technical_support.htm |
"{E11BA3CF-D0BE-4A6C-BA2F-ACDBFD2F2A1F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas enplczru\falloutnvlauncher.exe |
"{E5099B9E-5EC9-4298-970B-92A3850F8853}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{E5562EF1-73AD-45FB-806E-B17F86426577}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E58EFE33-F7FC-4CCB-B64A-1D1063348124}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E628A238-B032-4B5F-A623-D08C156D7F3C}" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe |
"{E817550A-73CC-4A59-AF89-7899F6152838}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EC801E0B-4919-4503-8595-BE493F267CB0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{EC9E4FE4-2697-4FE7-B53E-43D98CD5426F}" = protocol=17 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe |
"{ECA99ADF-E098-4C7B-9A77-41B191DDDBE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{EF956676-9DF0-4295-ACA7-4FD3317A3C81}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zombie bowl-o-rama\zombie bowl-o-rama.exe |
"{F1292156-F797-41B1-9066-40B72B97A28B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F26D69FB-485E-4A76-9863-7495AE537B1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"{F78739CF-5083-420C-83C0-BB14500109B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{F8B47EAA-8724-40A1-B991-A18333211662}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA0E40ED-DA45-4694-8928-B64E90641CFD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore\support\ea help\electronic_arts_technical_support.htm |
"{FB223800-35A0-4D85-9578-B3CD4F2A82EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{FD7DE747-0951-4171-A37A-EDA29BDF3E15}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{FEA972E0-D349-4A77-890A-3E240577C779}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eve online\eve.exe |
"{FEF4886E-806D-496B-ACE4-B4F8EAAC062B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\3switched\3switched.exe |
"TCP Query User{0C31F59C-1245-43A9-944A-3675AB936518}C:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe |
"TCP Query User{13753318-56D2-4ACF-872D-DB0C59253ECD}C:\program files (x86)\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eve online\bin\exefile.exe |
"TCP Query User{2220D490-4D4F-4CF1-8046-85062F7948AC}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe |
"TCP Query User{3859F4A1-0D28-4C8F-B728-D045F9BD75E6}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"TCP Query User{5AB1F22A-DCAD-4799-87D7-DA1192F37370}C:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe |
"TCP Query User{779F5BE0-9604-49C8-A4D1-41AAADF153F7}C:\users\rhonwyn\desktop\pokus\cash_ds.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\desktop\pokus\cash_ds.exe |
"TCP Query User{781D0140-1B45-4845-8D8C-24014AE76BB1}C:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe |
"TCP Query User{8031E402-5D41-4676-B7DA-DBC87CD1F69C}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe" = protocol=6 | dir=in | app=c:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe |
"TCP Query User{84707C13-51BA-4053-B1D6-E58D168E7DA7}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{8C615FCC-223F-47C4-A1CB-B9D4CF640204}C:\program files (x86)\sega\football manager 2012\fm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sega\football manager 2012\fm.exe |
"TCP Query User{8DCD8F45-B41E-40B9-816A-16BFA5CB07D7}C:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe |
"TCP Query User{CBAC1349-A160-40C1-A7EB-7276BA883A1F}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{DF3DA02B-5C75-4B80-B2FD-F4E552945EEA}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.exe |
"TCP Query User{E2D500AB-AD78-4141-ADA7-E6F16D2AE3F6}C:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"TCP Query User{ECEE6DD0-25C3-4780-99DF-6D4FE529A1E4}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe |
"TCP Query User{FEEF28BE-2271-4240-8671-256C91F03C6A}C:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe" = protocol=6 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe |
"UDP Query User{021AEE84-F00F-496D-8FB1-3B718531C88A}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.vshost.exe |
"UDP Query User{09B0F246-29A0-46BF-B248-F32CD988BD42}C:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"UDP Query User{0E15CA62-DCD3-4C4F-9D27-3BAC958FB11C}C:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2.exe |
"UDP Query User{102A10F8-29A9-41B8-9ADF-19C9697095F6}C:\program files (x86)\sega\football manager 2012\fm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sega\football manager 2012\fm.exe |
"UDP Query User{14B8AA89-58E3-4515-8579-A42CF20CAD34}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{18C25F17-226E-4CA8-8B30-2B6561CAFF97}C:\users\rhonwyn\desktop\pokus\cash_ds.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\desktop\pokus\cash_ds.exe |
"UDP Query User{1F1C9993-AC64-4257-9989-7DBB80702AE0}C:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\release\cash_ds.exe |
"UDP Query User{277FD836-501B-4F25-9CB1-88C669438198}C:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe" = protocol=17 | dir=in | app=c:\program files (x86)\beamdog\baldur's gate - enhanced edition\baldur.exe |
"UDP Query User{5E4EA12C-AC21-404A-A8C9-410958253B9E}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\debug\windowsformsapplication1.exe |
"UDP Query User{626364E6-B8C7-4737-8D72-EB37DCD3C5D0}C:\program files (x86)\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eve online\bin\exefile.exe |
"UDP Query User{6E031B81-DAB2-4408-8976-D2AB55D7004F}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{812E2DAF-3127-4711-AF1E-523C1B7AA310}C:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\release\entry terminal.exe |
"UDP Query User{A9F2D229-5E91-421F-AF22-69FA3657D351}C:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\udp test\windowsformsapplication1\windowsformsapplication1\bin\release\windowsformsapplication1.exe |
"UDP Query User{C2504417-9B93-4B8A-9976-C657B965F1BE}C:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\documents\visual studio 2010\projects\entry terminal\entry terminal\bin\debug\entry terminal.vshost.exe |
"UDP Query User{C5F594DB-9411-4F29-95F6-AC2027649F40}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"UDP Query User{E61177E8-96D7-4233-B948-52EA7BBF1BF6}C:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe" = protocol=17 | dir=in | app=c:\users\rhonwyn\downloads\projekty\cash_ds\cash_ds\bin\debug\cash_ds.vshost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{18A5D014-E9AD-DEFE-FAFE-A409612F51B4}" = AMD Media Foundation Decoders
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50BD00DC-127E-BF00-FDD5-E1A93AB3507C}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6150345A-1382-4713-B38B-482388DC7E7B}" = MySQL Server 5.5
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A01AF425-8AF4-821B-3981-F608519CB1D2}" = AMD Drag and Drop Transcoding
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2F6D87D-69E1-9FD2-4DD0-FB36124AA0E3}" = ATI AVIVO64 Codecs
"{BB009B20-0BA0-ABDF-1947-4D56639214C7}" = AMD Accelerated Video Transcoding
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"878E574BD3BB8CFE802F64F340FED157A03FFC3B" = Balíček ovladače systému Windows - Microchip Technology, Inc. (usbser) Ports (03/26/2010 5.1.2600.2)
"CCleaner" = CCleaner
"EPSON SX218 Series" = Odinstalace tiskárny EPSON SX218 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{236FF571-7197-40E9-921D-D5FDC752C697}" = MySQL Installer
"{23C3EF87-AD08-4F76-982D-1AE137485F08}" = MySQL Workbench 5.2 CE
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{34625CCD-CADB-470A-B591-1914C2E62EFE}" = PIPS
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1
"{45EF496C-9E09-4796-8E9B-BCEB968C5CB8}" = MySQL Examples and Samples 5.5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{61A1A5A8-2835-46CD-9429-A8F4CFEE6657}" = EVE Isk per Hour
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktická dobrodružství
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{7F123308-4717-4B74-BA49-BC11BEF70134}" = MySQL Connector Net 6.5.5
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CA4A06DE-33A9-B191-D115-8CF214945154}" = HydraVision
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C0221D-1DCD-487A-A3D1-E0C5B954F1DC}" = OpenOffice.org 3.4
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"Baldur's Gate - Enhanced Edition_is1" = Baldur's Gate - Enhanced Edition
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Pro" = DAEMON Tools Pro
"Desura" = Desura
"Desura_62350040236064" = Desura: Project Zomboid
"Diablo III" = Diablo III
"EPSON Scanner" = EPSON Scan
"ESN Sonar-0.70.4" = ESN Sonar
"Football Manager 2012_is1" = Football Manager 2012
"Football Manager 2013_is1" = Football Manager 2013
"FormatFactory" = FormatFactory 2.96
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"MCP2200 Configuration Utility 1.3" = MCP2200 Configuration Utility
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Mosaic_Integrated_Development_Environment_is1" = Mosaic 2012.2
"Mozilla Thunderbird 17.0.2 (x86 cs)" = Mozilla Thunderbird 17.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Sins of a Solar Empire Rebellion (c) Stardock_is1" = Sins of a Solar Empire Rebellion (c) Stardock version 1
"StarCraft II" = StarCraft II
"Steam App 105400" = Fable III
"Steam App 1250" = Killing Floor
"Steam App 15170" = Heroes of Might and Magic V
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 202370" = Scarygirl
"Steam App 206610" = 3SwitcheD
"Steam App 207610" = The Walking Dead
"Steam App 207890" = Football Manager 2013
"Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition
"Steam App 21100" = F.E.A.R. 3
"Steam App 212680" = FTL: Faster Than Light
"Steam App 217080" = Doctor Who: The Eternity Clock
"Steam App 217690" = Anna
"Steam App 218230" = PlanetSide 2
"Steam App 22490" = Fallout: New Vegas
"Steam App 32160" = Zombie Bowl-O-Rama
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 440" = Team Fortress 2
"Steam App 4760" = Rome: Total War Gold Edition
"Steam App 47780" = Dead Space 2
"Steam App 47810" = Dragon Age: Origins - Ultimate Edition
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7670" = BioShock
"Steam App 8500" = Eve Online: Inferno
"Steam App 8850" = BioShock 2
"Steam App 99890" = Darkspore
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.4
"WinLiveSuite" = Windows Live Essentials
"WinProladder V3.11-14701-CSY_is1" = WinProladder
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"PhotoFiltre 7" = PhotoFiltre 7
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"Wurm Online" = Wurm Online

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.1.2013 15:18:12 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.1.2013 3:33:59 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.1.2013 20:12:58 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 7.1.2013 5:02:35 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 8.1.2013 13:26:58 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 9.1.2013 5:55:15 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 9.1.2013 22:28:39 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.1.2013 4:49:33 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.1.2013 9:23:16 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.1.2013 18:13:21 | Computer Name = Rhonwyn-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2.1.2013 12:37:42 | Computer Name = Rhonwyn-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:34:04, ?2.?1.?2013) bylo neočekávané.

Error - 2.1.2013 12:38:43 | Computer Name = Rhonwyn-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.101 nepovolil získání názvu tímto počítačem.

Error - 5.1.2013 17:45:08 | Computer Name = Rhonwyn-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 6.1.2013 6:23:18 | Computer Name = Rhonwyn-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 6.1.2013 6:23:19 | Computer Name = Rhonwyn-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 6.1.2013 6:23:19 | Computer Name = Rhonwyn-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 6.1.2013 6:23:20 | Computer Name = Rhonwyn-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 6.1.2013 7:42:09 | Computer Name = Rhonwyn-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR2.

Error - 8.1.2013 13:25:15 | Computer Name = Rhonwyn-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (18:22:18, ?8.?1.?2013) bylo neočekávané.

Error - 12.1.2013 18:12:39 | Computer Name = Rhonwyn-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.2.104. Počítač s IP adresou 192.168.2.102 nepovolil získání názvu tímto počítačem.


< End of report >

Re: kontrola logu

Napsal: 13 led 2013 11:24
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\SearchScopes\{54C46DCC-BF7D-47ec-AD43-43CE46B2B141}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
O3 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3555613843-497549610-2155471862-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: AlternateShell - cmd.exe
O33 - MountPoints2\{3d06ed13-41fa-11e2-b177-1c6f65d964fc}\Shell - "" = AutoRun
O33 - MountPoints2\{6714b959-d872-11e1-99c9-1c6f65d964fc}\Shell - "" = AutoRun
O33 - MountPoints2\{8d3a380c-ec27-11e1-99f0-1c6f65d964fc}\Shell - "" = AutoRun
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.01.12 23:42:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.12 23:11:56 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.12 23:17:01 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=-
"DAEMON Tools Pro Agent"=-
"Steam"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"Sweetpacks Communicator"=-
"iTunesHelper"=-
"LogMeIn Hamachi Ui"=-

:files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: kontrola logu

Napsal: 13 led 2013 12:21
od Rhonwyn
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Internet Explorer\SearchScopes\{54C46DCC-BF7D-47ec-AD43-43CE46B2B141}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54C46DCC-BF7D-47ec-AD43-43CE46B2B141}\ not found.
Registry value HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3555613843-497549610-2155471862-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d06ed13-41fa-11e2-b177-1c6f65d964fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d06ed13-41fa-11e2-b177-1c6f65d964fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6714b959-d872-11e1-99c9-1c6f65d964fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6714b959-d872-11e1-99c9-1c6f65d964fc}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8d3a380c-ec27-11e1-99f0-1c6f65d964fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8d3a380c-ec27-11e1-99f0-1c6f65d964fc}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP316C.tmp\Microsoft.Build.Engine.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP316C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC16B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEBA1.tmp folder deleted successfully.
C:\Windows\Installer\MSI975E.tmp- folder deleted successfully.
C:\Windows\Temp\8389.tmp deleted successfully.
C:\Windows\Temp\CF02.tmp deleted successfully.
C:\Windows\Temp\CR_BC402.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_BC402.tmp folder deleted successfully.
C:\Windows\Temp\EB2C.tmp deleted successfully.
C:\Windows\Temp\F770.tmp deleted successfully.
C:\Windows\Temp\RGI3362.tmp deleted successfully.
C:\Windows\Temp\RGI3362.tmp-tmp deleted successfully.
C:\Windows\Temp\RGI6A68.tmp deleted successfully.
C:\Windows\Temp\RGI6A68.tmp-tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Rhonwyn
->Temp folder emptied: 727183275 bytes
->Temporary Internet Files folder emptied: 105051826 bytes
->Java cache emptied: 26951071 bytes
->Google Chrome cache emptied: 431347367 bytes
->Flash cache emptied: 722 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 64140770 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 24454082 bytes

Total Files Cleaned = 1 315,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Rhonwyn
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Rhonwyn
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01132013_121551

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
C:\Users\Rhonwyn\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\989002608[11].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\AdDisplayTrackerServletCA4PYL6O.htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\AdDisplayTrackerServletCALNQQ38.htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\adTagInfo[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\PugTrackerCAJPBZN9.htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7NIFM6UN\syncuppixels[2].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26N8XWKU\AdDisplayTrackerServletCA9SNU4P.htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26N8XWKU\addons-tracker-v4[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26N8XWKU\addons-v4[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26N8XWKU\dppix[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26N8XWKU\emily[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\Artemis[10].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\dpsync[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\dpsync[2].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\freq[9].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1I9LK9AD\tag[9].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TC3YDAN\300x250iframeintlv2[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TC3YDAN\AdDisplayTrackerServletCAEZA7KP.htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TC3YDAN\dpsync[1].htm moved successfully.
C:\Users\Rhonwyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0TC3YDAN\Pug[3].htm moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: kontrola logu

Napsal: 13 led 2013 12:23
od vyosek
Fajn, jak se chova PC :arrow:

Re: kontrola logu

Napsal: 13 led 2013 13:15
od Rhonwyn
Nevidim zadnou zmenu. ale ani pred tim tomu nic nebylo, chtela jsem jen preventivku, zdalo se mi, ze mam pri hrani her nejake male fps.
mivala jsem okolo stovky a ted mam kolem 50ti.
Diky:)

Re: kontrola logu

Napsal: 13 led 2013 13:19
od vyosek
Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz