VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=132468

Stránka 1 z 3

prosím o kontrolu logu

Napsal: 31 srp 2013 11:44
od krajta5
Ahoj můj notebook je často bezdůvodně zatížen různými procesy a poslední dobou mám i problém s internetem

Logfile of random's system information tool 1.09 (written by random/random)
Run by krajta5 at 2013-08-31 12:33:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 15 GB (8%) free of 191 GB
Total RAM: 4008 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:34:06, on 31.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\krajta5.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [AVSetupPending] C:\Windows\TEMP\AVSETUP_5221c5e7\SetupPending.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [HiDownload] C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe
O4 - HKCU\..\Run: [S60 PC Suite Tray] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-21-998483296-4234481553-3123803521-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-998483296-4234481553-3123803521-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: ddCUkHAP - Invalid registry found
O20 - Winlogon Notify: gEwTjIby - gEwTjIby.dll (file missing)
O20 - Winlogon Notify: hGvUNeCV - hGvUNeCV.dll (file missing)
O20 - Winlogon Notify: iifcCTMg - iifcCTMg.dll (file missing)
O20 - Winlogon Notify: vtUnkHxx - vtUnkHxx.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avira Upgrade Service (AviraUpgradeService) - Avira Operations GmbH & Co. KG - C:\Windows\TEMP\AVSETUP_5221c5e7\avupgsvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18985 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "587945538845418225-88790654875459807326296078715460799241660473318566821163
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 3264
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe" 72648 "C:\ProgramData\AVG SafeGuard toolbar\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-948889758-1082721492-766283473-828395701-1892577509-456377826-349051659224713517
"taskhost.exe"
taskeng.exe {CB7F04E1-0196-4EDB-BC7F-4935F799E986}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -restart
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9cc247ea-1a71-4948-86f5-12410253a56f -SystemEventPortName:HostProcess-9ca8b360-08c4-43f9-89f3-8b5e91ed8d46 -IoCancelEventPortName:HostProcess-5c2cc628-169f-490c-ab11-513d58f38aa7 -NonStateChangingEventPortName:HostProcess-8a61b9b8-f197-47c2-a24d-5d531f73803e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0725e984-1303-49d7-b406-3249ec2ed30d -DeviceGroupId:WpdFsGroup
C:\Windows\system32\WLANExt.exe 206478704
{6F75F293-04BD-4413-81F3-D773C3107DE3}
\??\C:\Windows\system32\conhost.exe "1934160752-666302112-1397544039-823752585-1249380551199375912451648128276078165
{3CAF012E-DFE9-4520-BC57-50E66E94A7E2}
{9194CBFD-7E7E-4917-8FE2-773F9BE00AAE}
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe" /DM="0" "/NOMESSAGEBOX"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7412.0.215822903\687385243" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --reduce-gpu-sandbox --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7412.18.1583276434\1581927312" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7412.19.2010872286\1590162750" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_87/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="7412.20.1775185232\308016510" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\plugins\nporbit.dll" --lang=cs --channel="7412.22.55779726\1667100094" /prefetch:-390060480
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\krajta5\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default

prefs.js - "browser.startup.homepage" - "http://mysearch.avg.com/?cid={8308DB83- ... 2013-07-05 13:18:35&v=15.3.0.11&pid=safeguard&sg=0&sap=hp"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2801948&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
fcmdSrch.xml
safeguard-secure-search.xml

C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\
info@bflix.info
WebSiteRecommendation@weliketheweb.com
{37483b40-c254-4a72-bda4-22ee90182c1e}

C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\searchplugins\
askcom.xml
conduit.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-08-14 6311296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-05 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll [2013-08-23 3122864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll [2013-08-23 3122864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"=C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Trend Micro Titanium"=C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2012-11-07 8790904]
"HiDownload"=C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe [2010-10-09 5275136]
"S60 PC Suite Tray"=C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [2008-12-06 699392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-07-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-29 296056]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2013-08-23 2314416]
"AVSetupPending"=C:\Windows\TEMP\AVSETUP_5221c5e7\SetupPending.exe [2013-08-31 89144]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

C:\Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.XFR1"=xfcodec64.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-31 12:33:57 ----D---- C:\rsit
2013-08-31 12:32:49 ----A---- C:\ProgramData\rebootpending.txt
2013-08-30 15:48:57 ----SHD---- C:\Config.Msi
2013-08-30 15:44:25 ----D---- C:\Windows\system32\MRT
2013-08-23 19:04:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-08-09 21:40:52 ----D---- C:\Program Files (x86)\IrfanView
2013-08-02 16:34:30 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2013-08-31 12:34:06 ----D---- C:\Program Files\Trend Micro
2013-08-31 12:33:33 ----D---- C:\Windows\temp
2013-08-31 12:32:49 ----D---- C:\ProgramData
2013-08-31 12:32:22 ----D---- C:\Windows\system32\drivers
2013-08-31 12:18:03 ----D---- C:\Program Files (x86)\Steam
2013-08-31 12:15:45 ----D---- C:\Windows\tracing
2013-08-31 11:30:56 ----D---- C:\Windows\system32\Tasks
2013-08-30 17:04:27 ----RSD---- C:\Windows\assembly
2013-08-30 17:04:27 ----D---- C:\Windows\Microsoft.NET
2013-08-30 15:55:06 ----D---- C:\Windows\winsxs
2013-08-30 15:53:59 ----D---- C:\Windows\system32\catroot
2013-08-30 15:53:56 ----D---- C:\Windows\system32\catroot2
2013-08-30 15:53:05 ----SHD---- C:\Windows\Installer
2013-08-30 15:50:45 ----D---- C:\Windows\System32
2013-08-30 15:50:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-30 15:50:44 ----D---- C:\Windows\inf
2013-08-30 15:48:36 ----D---- C:\ProgramData\Microsoft Help
2013-08-30 15:44:16 ----A---- C:\Windows\system32\MRT.exe
2013-08-30 15:43:24 ----SHD---- C:\System Volume Information
2013-08-30 15:41:35 ----D---- C:\Windows\system32\config
2013-08-27 20:40:40 ----D---- C:\Windows\system32\NDF
2013-08-25 16:33:53 ----HD---- C:\ASUS.DAT
2013-08-25 16:33:53 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-25 16:32:05 ----A---- C:\Windows\system32\acovcnt.exe
2013-08-25 16:31:48 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-08-23 19:05:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-23 19:04:54 ----D---- C:\Windows\SysWOW64
2013-08-23 18:57:36 ----D---- C:\Windows\Prefetch
2013-08-23 18:56:14 ----RD---- C:\Program Files (x86)\Skype
2013-08-23 18:56:14 ----D---- C:\ProgramData\Skype
2013-08-23 18:51:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-23 18:49:32 ----D---- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-10 13:42:08 ----D---- C:\Windows
2013-08-09 21:40:52 ----D---- C:\Program Files (x86)
2013-08-09 20:10:52 ----D---- C:\Program Files (x86)\Audacity
2013-08-08 20:01:21 ----D---- C:\Program Files (x86)\JDownloader
2013-08-02 20:50:49 ----D---- C:\Program Files (x86)\Google
2013-08-02 15:42:44 ----D---- C:\Program Files (x86)\Age of Empires II HD

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-05-12 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-25 526392]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-08-23 45856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-17 270912]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-30 16120]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R4 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-03-24 34200]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2010-11-11 141384]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S4 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-05-12 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-04 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-08-23 1643184]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
R3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
S2 AviraUpgradeService;Avira Upgrade Service; C:\Windows\TEMP\AVSETUP_5221c5e7\avupgsvc.exe [2013-08-31 55352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-23 257416]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-05 117144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f C:\Program Files (x86)\WinPcap\rpcapd.ini []
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-25 543144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-19 1255736]

-----------------EOF-----------------

Re: prosím o kontrolu logu

Napsal: 31 srp 2013 13:15
od vyosek
Zdravim :)

:arrow: Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Spustte tradicne dvouklikem
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pockejte na dokonceni PreScanu
  • Zvolte moznost Prohledat (scan)
  • Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
  • Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Pokračování v tématu procesy

Napsal: 19 lis 2013 21:06
od krajta5
Zdravim :)
Omlouvám se ale dlouho jsem nebyl aktivní v tomto tématu a došlo k jeho zamčení tak jestli bych mohl navázat?:)
http://forum.viry.cz/viewtopic.php?f=13&t=132468
ještě doplním že mi často padá explorer.exe dalo by se napsat že padá cyklicky bez známého počtu opakování :D
jestli pomůže tak i připíšu že nepadá jen při zapnutí průzkumníka ale i při ukládání v ponám. bloku, malování a dalších programech

Příkládám požadované logy

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : krajta5 [Práva správce]
Mód : Kontrola -- Datum : 11/19/2013 20:55:51
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 3 ¤¤¤
[V2][SUSP UNIC] {39B3E20F-8E13-44BF-BAFB-E968763B49DA} : D:\Games\Battlefield 3?��\bf3.exe [x] -> NALEZENO
[V2][SUSP PATH] {64FC7AA2-6D9C-41DB-97B7-3240C4A3E03A} : C:\Users\krajta5\Desktop\Age of Empires II\empires2.EXE [x] -> NALEZENO
[V2][SUSP UNIC] {ABA0F6DB-05FC-43DF-9158-417081F7C0BE} : D:\Games\Battlefield 3?��\bf3.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 8 ¤¤¤
[All Users][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\All Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[CWSDPMI.SWP][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\CWSDPMI.SWP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[Default][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[Default User][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[desktop.ini][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\desktop.ini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[Public][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[Topag][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Topag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO
[UpdatusUser][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPVT-80HXZT1 +++++
--- User ---
[MBR] 1adc24914383b501ac1193c37206dec8
[BSP] a6dfcef95bdca6f6c690eb797753f4a9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 190776 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 443140096 | Size: 260562 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD5000BPVT-80HXZT1 +++++
--- User ---
[MBR] cdf0b1ea425a593d0c5b85111dc0ee27
[BSP] e6c2cebec9d5914c6fe029aa4b621d92 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238460 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488368128 | Size: 238479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: ( @ ) +++++
--- User ---
[MBR] f64e4c240b1cf74e6d7a18174aa256f0
[BSP] 6bcceb011703377df15c654d481e2472 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_11192013_205551.txt >>







# AdwCleaner v3.012 - Report created 19/11/2013 at 20:40:36
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : krajta5 - KRAJTA5-PC
# Running from : C:\Users\krajta5\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\krajta5\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
File Found : C:\Windows\System32\roboot64.exe
Folder Found : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
Folder Found C:\Program Files (x86)\1ClickDownload
Folder Found C:\Program Files (x86)\NCH Software
Folder Found C:\Program Files (x86)\SimilarSites
Folder Found C:\Program Files\Babylon
Folder Found C:\ProgramData\AlawarWrapper
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\ProgramData\NCH Software
Folder Found C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\CT2801948
Folder Found C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Smartbar
Folder Found C:\Users\krajta5\AppData\Roaming\NCH Software
Folder Found C:\Users\krajta5\AppData\Roaming\SimilarSites

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Found : HKCU\Software\NCH Software
Key Found : HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\NCH Software
Key Found : [x64] HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\Software\NCH Software
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C21E753-381F-4430-9E5D-1EFC696EBE88}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://start.facemoods.com/?a=wbst&s={searchTerms}&f=4

-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\prefs.js ]

Line Found : user_pref("CT2801948.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT2801948.1000082.state", "{\"state\":\"stopped\",\"text\":\"Virgin Ra...\",\"description\":\"Virgin Radio Classic Rock\",\"url\":\"hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=v[...]
Line Found : user_pref("CT2801948.1000234.TWC_locId", "GMXX0027");
Line Found : user_pref("CT2801948.CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Found : user_pref("CT2801948.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.FirstTime", "true");
Line Found : user_pref("CT2801948.FirstTimeFF3", "true");
Line Found : user_pref("CT2801948.UserID", "UN89483010987865947");
Line Found : user_pref("CT2801948.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT2801948.countryCode", "CZ");
Line Found : user_pref("CT2801948.embeddedsData", "[{\"appId\":\"129306881621438061\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT2801948.firstTimeDialogOpened", "true");
Line Found : user_pref("CT2801948.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT2801948.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT2801948.fullUserID", "UN89483010987865947.UP.2112");
Line Found : user_pref("CT2801948.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT2801948.isCheckedStartAsHidden", true);
Line Found : user_pref("CT2801948.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT2801948.isPerformedSmartBarTransition", "true");
Line Found : user_pref("CT2801948.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=UN89483010987865947&SSPV=&Lay=1&UM=1\"}");
Line Found : user_pref("CT2801948.lastVersion", "10.22.3.518");
Line Found : user_pref("CT2801948.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Found : user_pref("CT2801948.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Ahome\",\"EB_MAIN_FRAME_TITLE\":\"Startovn%C3%AD%20str%C3%A1nka%20aplikace%20Mozilla%20Firefox\",\"EB_SEARCH_TERM\":\"\",\[...]
Line Found : user_pref("CT2801948.search.searchAppId", "129306881621438061");
Line Found : user_pref("CT2801948.search.searchCount", "0");
Line Found : user_pref("CT2801948.searchFromAddressBarEnabledByUser", "false");
Line Found : user_pref("CT2801948.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT2801948.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT2801948.searchSuggestEnabledByUser", "True");
Line Found : user_pref("CT2801948.searchUninstallUserMode", "1");
Line Found : user_pref("CT2801948.searchUserMode", "1");
Line Found : user_pref("CT2801948.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2801948\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://NCHEN.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"NCH EN \"}");
Line Found : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT2801948.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT2801948.serviceLayer_services_Configuration_lastUpdate", "1384889914168");
Line Found : user_pref("CT2801948.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1384889914342");
Line Found : user_pref("CT2801948.serviceLayer_services_appsMetadata_lastUpdate", "1384889914434");
Line Found : user_pref("CT2801948.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1384889913919");
Line Found : user_pref("CT2801948.serviceLayer_services_login_10.22.3.518_lastUpdate", "1384889913127");
Line Found : user_pref("CT2801948.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1384889914067");
Line Found : user_pref("CT2801948.serviceLayer_services_searchAPI_lastUpdate", "1384889913714");
Line Found : user_pref("CT2801948.serviceLayer_services_serviceMap_lastUpdate", "1384889909392");
Line Found : user_pref("CT2801948.serviceLayer_services_setupAPI_lastUpdate", "1384889914295");
Line Found : user_pref("CT2801948.serviceLayer_services_toolbarContextMenu_lastUpdate", "1384889914195");
Line Found : user_pref("CT2801948.serviceLayer_services_toolbarSettings_lastUpdate", "1384889913747");
Line Found : user_pref("CT2801948.serviceLayer_services_translation_lastUpdate", "1384889913663");
Line Found : user_pref("CT2801948.settingsINI", true);
Line Found : user_pref("CT2801948.showToolbarPermission", "false");
Line Found : user_pref("CT2801948.smartbar.CTID", "CT2801948");
Line Found : user_pref("CT2801948.smartbar.Uninstall", "0");
Line Found : user_pref("CT2801948.smartbar.toolbarName", "NCH EN ");
Line Found : user_pref("CT2801948.toolbarCurrentServerTime", "19-11-2013");
Line Found : user_pref("CT2801948.toolbarInstallDate", "19-11-2013 20:38:29");
Line Found : user_pref("CT2801948.toolbarLoginClientTime", "Tue Nov 19 2013 20:38:28 GMT+0100");
Line Found : user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f", "%EC%E7%F2%F9%EB");
Line Found : user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Found : user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384889902866,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2801948/CT2801948", "\"d12346b4355f4cc362ce068c4c7777a63\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/CZ", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/DEFAULT", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", "\"1335476769\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"c70353cabc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"e0681bed78ad068a85c7ae4073122c0f\"");
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\krajta5\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\dkhqnoho.default\\conduitCommon\\modules\\3.20.0.4");
Line Found : user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"avira.com\":{\"c\":[1],\"ttl\":1384201469},\"conduit.com\":{\"c\":[1],\"ttl\":1385231528},\"facebook.com\":{\"c\":[1],\"ttl\":138505[...]
Line Found : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1383596666541,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Found : user_pref("smartbar.machineId", "KBMASN33ATJCDFHNBO0A7WAW9RG+VNDOINB2IYUKVEMNSDYXLHKF8NAF5KQZNFAP4LSSJG/QQXXYH8HZHG4TIQ");

-\\ Google Chrome v

[ File : C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [19520 octets] - [19/11/2013 20:40:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19581 octets] ##########

Re: Pokračování v tématu procesy

Napsal: 19 lis 2013 21:06
od krajta5
Shortcut Cleaner 1.2.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 11/19/2013 07:56:59 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\krajta5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\krajta5\Desktop


0 bad shortcuts found.

Program finished at: 11/19/2013 07:57:03 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by krajta5 on út 19.11.2013 at 19:57:55,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylonhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\nctaudiocdgrabber2.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2801948
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_internet-download-manager_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_internet-download-manager_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_jlcs-internet-tv_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_jlcs-internet-tv_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_internet-download-manager_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_internet-download-manager_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_jlcs-internet-tv_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_jlcs-internet-tv_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}



~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\Windows\syswow64\sho70B2.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho89C0.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho90D9.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA54C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoAE45.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCA29.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCF50.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD81A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD9B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF239.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\krajta5\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\krajta5\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\krajta5\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\krajta5\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thebflix"
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{0107A8C0-181A-48B0-A5A8-7E72772DF14B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{01C56FD4-A7CF-4895-A216-4D78564E8253}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{01C69995-9A10-4F15-B097-63B299A0CC0F}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{020FB36E-8E70-4D3F-8DAB-80C12C3DB6EA}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{02FA08E8-A990-4BC6-B1E8-945DC806BDE7}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{041384DA-283C-48C4-BA85-553808B7DE02}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{052BF822-2580-40CF-B443-FACA4F0B05E8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{069168AE-C228-40EB-846C-FC975057B4F5}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{06D0138D-55C9-47E2-91AB-F0C715252DB7}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{0C64A6F4-E5AA-4A86-B0FF-ECA77C073105}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{10640B64-20EB-4657-8D4B-1D34E029FC72}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{134126B5-F001-4856-B847-2D9CDC3B440A}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{13A4D039-0099-430A-9326-9522A85BE0EA}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{15653F8E-D63B-4C15-8B85-BD943A0AD784}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{1A358D32-E83F-4AD3-A61F-95C75261FC82}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{1D90B2D3-ED38-4A98-8D36-59B1BC73AC5E}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{2132B3CD-ACF8-40CD-B455-D2CCD5496C89}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{22433E23-0123-4C6E-8264-85A7B17570B0}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{232B5FA3-1139-4AB0-AA33-B8CC5EB4A146}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{24409EDB-3BD4-4145-B0DB-3FC57FFA4A3E}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{250BA792-1643-4E15-BCDF-1CAA84B5D977}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{25F4F71D-B2F9-450A-B268-3D9FBED2E580}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{26C5A13A-F258-41B2-BC45-59D045C28D85}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{29675619-5D20-49E8-8CE7-91FD6292E3C2}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{2BDAA6FA-4200-412E-B652-4DFBAFE1E7B2}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{2E53B010-22BF-4755-B568-36B91D590AA4}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{2F8DC149-D69F-4DD8-BFD9-5983EEBB66B4}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{34BCCA41-C1C1-4C37-BF30-3E379B38CA98}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{351AA3A1-19F9-4CFE-B9D2-9FA703B3432D}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{3812BFE4-9577-41FE-ADF1-98C5471C79CB}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{3B5C78D3-8C68-4136-A7F6-C41ABC8A9AC1}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{3B5FC0F6-C2DE-445F-8B6D-076A371B6495}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{3D737FF0-DB80-49C4-9084-37C680A28EB1}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{3DF3206C-885C-484B-9C4D-0ABD4FEA841F}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{405EF7D1-3715-4543-A0EF-581E4719788C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{4152AE9E-41C1-4AD7-83D4-579EC3D9C486}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{440371AA-3086-4F5D-ACE0-39913E0AB583}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{49F8AC45-F45E-4D34-B0AF-D20308B97950}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{4B1F92F2-B0A5-41ED-992D-C687C4703ECB}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{52837E79-970A-45F2-8505-3CBFEA154008}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{58C9B436-32E5-478E-9303-275A70083EB8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{5BEDEADD-D263-488C-AFCA-35F19BBE6C6E}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{5BF4BAFF-5154-4507-83E9-52087CA36B21}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{5E5F9CB3-F141-4A5D-B2A5-13902392008B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6078B5D4-73F5-431F-8685-7D8D28527397}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{623B5152-D3DB-48F5-9546-F39B37BE467D}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{67A4C974-2C4B-4B68-A55F-B89AA1D41523}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{67A6AEFF-3E2F-4869-AF8F-DE35399D8427}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{682E9532-1EED-400F-9967-0BDC738520FA}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6AB3F955-DED3-4555-AAC2-257CFD5CEAB7}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6C3D1979-81F1-428E-BE9B-6ABA79B1FD48}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6C81CBBF-9FC2-4707-A311-C5C16CCC9B0C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6D98AC09-DDF1-43E7-A8B2-F5CE10E27A86}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{6EE9E78C-109B-420C-B98D-873EE865CC44}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{72E633E7-2159-4B58-B00E-4B371F8D5D2A}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{75AE8091-1CDB-448D-9D1C-7DE89DA2BB8B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{767DB315-8246-4BA3-A624-D59F68CBEBE8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{76959EA1-C201-4030-8441-F83BF8661CF1}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{7AA1CA9A-D02F-45D4-8E05-6CD141299F0F}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{7C3CF6D5-DE6C-4087-9D93-89DBBF872EC5}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{7C76F4D3-BD32-4A21-B00C-F0B8E006C3BF}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{7F02EAA4-A9AF-4D68-A6FF-E3639D245E12}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{87B05040-B612-450A-AA5D-B245ABCC1121}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{896D2709-82E3-4776-BA4A-416FF23D26EE}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{899E2584-71E8-4457-BAC9-CE2F28B38E89}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{89A98267-4B7D-477C-BE38-4E1107B339B5}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{8FC577C9-8789-4EAF-900D-B2CCF8DD2131}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{944A34B2-7530-4967-8154-AA976BF13B14}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{94A71127-99E4-4F74-91EE-A20B4CE9D268}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{9A3B2A8D-CCFA-4F7B-BF1A-6812EB5AD28B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{9A729F05-60EE-4BE2-9EEE-EA25B4625A0D}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{9AAB99DD-543E-46C5-95B8-FD653DFA7CAF}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{9C594A3C-8477-400D-91BE-498573389D38}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A0651384-19A6-49F2-8E4C-38E9A581DC74}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A1757509-A19D-44FF-876E-E8E542EAD5F4}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A1CCFF6D-0DF9-4CC0-8066-2684BD1F000B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A48F56EE-270B-4C4C-88BC-63B2BEC9E3A1}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A4ECCC1F-78DF-4D30-A1DE-B3D90F1B3E68}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A4F5F3E0-24D1-49DF-A030-45B6725F152C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A6226E55-C6B1-4611-B928-3FAD571C8E9A}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{A988C5F8-E8F1-4843-B9D3-604B6FDBE349}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{AC777F39-77B1-4F35-A5F2-FBB6CD0FC320}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{ACA3138C-4DA3-4BA4-916D-DA85DB0D8A7C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{AD536862-52AF-4E87-8989-DB9EDD5E2EF8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{AF1319BB-3207-4F70-A4E8-40DD3E1CE120}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{AF47C1C5-21C9-435B-B51E-2DB486771705}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{B0E83797-DB02-4988-9D16-39BE21A101F0}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{B435885A-B00C-4F42-A73D-03CEAA6DE3D5}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{B5789C41-C005-4D09-85D6-BB8713B9EABB}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{B681DF46-0A9E-489F-9C6C-287EFE46CE21}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{BA5C00D1-90EF-436E-B3E6-A47AAB3784E3}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{BD821AC0-000D-4872-A2D6-BD4F1BED0EFB}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C23C7FC4-D0E7-476F-9593-CB68B0E165D9}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C453F7C1-2DDE-4406-AA1C-DA5973D12804}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C5F7FBF5-CF20-42E4-A669-4C3B1BB8309E}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C778F7D3-07C3-44C7-9595-9A49DD36D40B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C8598F35-B062-4141-94BD-96AC2722086F}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{C8BB205C-EE01-4189-87A5-7BF44BF724F8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{CC132A67-EF7E-4456-BF5C-52CDE32CBCEE}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{CDB08671-EE6E-498D-AE19-0B31547E4F4C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D180B189-A426-4744-8044-A6BD46EDEEDC}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D3D0ED20-0617-47AC-94B6-6F5CB3BC4995}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D4DE0FED-4A79-4DFE-A524-6D420E755DA6}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D78C9FA1-222F-4782-9D31-13D173BBBFE3}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D861B1DA-6F98-4737-8E97-752B81AABB6C}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{D8DB8C66-A234-4AFC-9905-B20AEF2984C5}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{DAED5A3D-6A11-44D8-A214-1E276080A257}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{DCD07F9C-F731-4E03-AE74-89C26DFBC454}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{E72D0AA9-A462-4917-9997-CFBF647B1861}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{E94923DB-EC8D-49CB-9DE7-E08099315A2B}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{EB4511D9-6C97-41C7-B0DF-14B61EC5B3A8}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{EE4C7D02-8EAA-4BDC-AD29-537A5A333C32}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{EE573C31-8D96-4718-AE2E-8ACCE1DEBEE9}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{F3F6E9C5-8FA9-4306-AF58-1D7962CCB905}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{F4EDBAB1-8E45-474B-ADF7-0D93F847D058}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{F4F73388-2416-408D-88ED-301D06D4B008}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{F8453B5B-47EA-49B4-AAD1-48D6858AD160}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FA4BDEBA-C301-41E5-86E8-9ECCA391EE98}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FAD52145-F6D6-4E71-BD3A-9C79ABB2F677}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FC50FA25-D892-48F7-A861-FEC2050F2B07}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FE2A8F90-7F7C-405E-97D8-ED316951F0B4}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FE42BD80-72C8-4C7B-BC72-8D830256B2F9}
Successfully deleted: [Empty Folder] C:\Users\krajta5\appdata\local\{FF7C6AC2-DAA0-42B0-A633-4FCF2631E8F3}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\user.js
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\conduitcommon
Successfully deleted: [Folder] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\smartbar
Successfully deleted: [Folder] C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\extensions\info@bflix.info
Successfully deleted the following from C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\prefs.js

user_pref("CT2801948..clientLogIsEnabled", false);
user_pref("CT2801948..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2801948..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2801948.1000082.isPlayDisplay", "true");
user_pref("CT2801948.1000082.state", "{\"state\":\"stopped\",\"text\":\"Virgin Ra...\",\"description\":\"Virgin Radio Classic Rock\",\"url\":\"hxxp://www.smgradio.com/core/aud
user_pref("CT2801948.1000234.TWC_locId", "GMXX0027");
user_pref("CT2801948.1000234.TWC_temp_dis", "c");
user_pref("CT2801948.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2801948.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2801948.AppTrackingLastCheckTime", "Tue Nov 20 2012 16:51:04 GMT+0100");
user_pref("CT2801948.BrowserCompStateIsOpen_129797777221477754", true);
user_pref("CT2801948.BrowserCompStateIsOpen_129797786124759251", true);
user_pref("CT2801948.BrowserCompStateIsOpen_129799503686523541", true);
user_pref("CT2801948.BrowserCompStateIsOpen_129815072111847605", true);
user_pref("CT2801948.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2801948.CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=SB_CUI&S
user_pref("CT2801948.CTID", "CT2801948");
user_pref("CT2801948.ConfigurationLastCheckTime", "Mon Nov 11 2013 19:19:14 GMT+0100");
user_pref("CT2801948.CurrentServerDate", "11-11-2013");
user_pref("CT2801948.DSChangedManually", false);
user_pref("CT2801948.DSInstall", true);
user_pref("CT2801948.DSProtectChoice", true);
user_pref("CT2801948.DSProtectCount", 2);
user_pref("CT2801948.DialogsAlignMode", "LTR");
user_pref("CT2801948.DialogsGetterLastCheckTime", "Mon Nov 11 2013 19:19:16 GMT+0100");
user_pref("CT2801948.DownloadReferralCookieData", "");
user_pref("CT2801948.EMailNotifierPollDate", "Mon Nov 11 2013 19:34:19 GMT+0100");
user_pref("CT2801948.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2801948.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2801948.FirstServerDate", "4-3-2012");
user_pref("CT2801948.FirstTime", true);
user_pref("CT2801948.FirstTimeFF3", true);
user_pref("CT2801948.FixPageNotFoundErrors", true);
user_pref("CT2801948.GroupingServerCheckInterval", 1440);
user_pref("CT2801948.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2801948.HPChangedManually", true);
user_pref("CT2801948.HPInstall", true);
user_pref("CT2801948.HPProtectChoice", true);
user_pref("CT2801948.HPProtectCount", 2);
user_pref("CT2801948.HasUserGlobalKeys", true);
user_pref("CT2801948.HomePageProtectorEnabled", false);
user_pref("CT2801948.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13");
user_pref("CT2801948.Initialize", true);
user_pref("CT2801948.InitializeCommonPrefs", true);
user_pref("CT2801948.InstallationAndCookieDataSentCount", 3);
user_pref("CT2801948.InstallationId", "ConduitNSISIntegration");
user_pref("CT2801948.InstallationType", "ConduitXPEIntegration");
user_pref("CT2801948.InstalledDate", "Sun Mar 04 2012 12:47:26 GMT+0100");
user_pref("CT2801948.InvalidateCache", false);
user_pref("CT2801948.IsAlertDBUpdated", true);
user_pref("CT2801948.IsGrouping", false);
user_pref("CT2801948.IsInitSetupIni", true);
user_pref("CT2801948.IsMulticommunity", false);
user_pref("CT2801948.IsOpenThankYouPage", false);
user_pref("CT2801948.IsOpenUninstallPage", true);
user_pref("CT2801948.IsProtectorsInit", true);
user_pref("CT2801948.LanguagePackLastCheckTime", "Mon Nov 11 2013 19:19:16 GMT+0100");
user_pref("CT2801948.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2801948.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2801948.LastLogin_3.10.0.1", "Thu Apr 19 2012 19:34:14 GMT+0200");
user_pref("CT2801948.LastLogin_3.12.0.7", "Wed Apr 25 2012 19:54:19 GMT+0200");
user_pref("CT2801948.LastLogin_3.12.2.3", "Fri Jun 01 2012 21:48:29 GMT+0200");
user_pref("CT2801948.LastLogin_3.13.0.6", "Sat Jul 28 2012 19:27:00 GMT+0200");
user_pref("CT2801948.LastLogin_3.14.1.0", "Sat Sep 01 2012 20:13:26 GMT+0200");
user_pref("CT2801948.LastLogin_3.15.1.0", "Fri Nov 09 2012 22:39:39 GMT+0100");
user_pref("CT2801948.LastLogin_3.16.0.100", "Sun Feb 24 2013 09:32:40 GMT+0100");
user_pref("CT2801948.LastLogin_3.16.0.3", "Sat Jan 19 2013 11:08:19 GMT+0100");
user_pref("CT2801948.LastLogin_3.18.0.7", "Wed Sep 04 2013 00:06:16 GMT+0200");
user_pref("CT2801948.LastLogin_3.20.0.4", "Mon Nov 11 2013 19:19:12 GMT+0100");
user_pref("CT2801948.LatestVersion", "3.20.0.4");
user_pref("CT2801948.Locale", "en-us");
user_pref("CT2801948.MCDetectTooltipHeight", "83");
user_pref("CT2801948.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2801948.MCDetectTooltipWidth", "295");
user_pref("CT2801948.MyStuffEnabledAtInstallation", true);
user_pref("CT2801948.OriginalFirstVersion", "3.10.0.1");
user_pref("CT2801948.RadioIsPodcast", false);
user_pref("CT2801948.RadioLastCheckTime", "Mon Nov 11 2013 19:19:13 GMT+0100");
user_pref("CT2801948.RadioLastUpdateIPServer", "3");
user_pref("CT2801948.RadioLastUpdateServer", "129307496595170000");
user_pref("CT2801948.RadioMediaID", "21435220");
user_pref("CT2801948.RadioMediaType", "Media Player");
user_pref("CT2801948.RadioMenuSelectedID", "EBRadioMenu_CT280194821435220");
user_pref("CT2801948.RadioShrinkedFromSetup", false);
user_pref("CT2801948.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
user_pref("CT2801948.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb");
user_pref("CT2801948.SavedHomepage", "hxxp://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=a6f0b0c5000000000000bc7737e32f89");
user_pref("CT2801948.SearchAPILastCheckTime", "Mon Nov 11 2013 19:19:14 GMT+0100");
user_pref("CT2801948.SearchAppState", "%B9");
user_pref("CT2801948.SearchAppState.enc", "Mw==");
user_pref("CT2801948.SearchAppTracking", "%F9%EB%F4%FA");
user_pref("CT2801948.SearchAppTracking.enc", "c2VudA==");
user_pref("CT2801948.SearchCaption", "NCH EN Customized Web Search");
user_pref("CT2801948.SearchEngineBeforeUnload", "NCH EN Customized Web Search");
user_pref("CT2801948.SearchFromAddressBarIsInit", true);
user_pref("CT2801948.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q=");
user_pref("CT2801948.SearchInNewTabEnabled", true);
user_pref("CT2801948.SearchInNewTabIntervalMM", 1440);
user_pref("CT2801948.SearchInNewTabLastCheckTime", "Wed Sep 04 2013 00:06:14 GMT+0200");
user_pref("CT2801948.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2801948.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
user_pref("CT2801948.SearchProtectorEnabled", false);
user_pref("CT2801948.SearchProtectorToolbarDisabled", false);
user_pref("CT2801948.SendProtectorDataViaLogin", true);
user_pref("CT2801948.ServiceMapLastCheckTime", "Mon Nov 11 2013 19:19:13 GMT+0100");
user_pref("CT2801948.SettingsLastCheckTime", "Mon Nov 11 2013 19:19:07 GMT+0100");
user_pref("CT2801948.SettingsLastUpdate", "1384160263");
user_pref("CT2801948.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13");
user_pref("CT2801948.ThirdPartyComponentsInterval", 504);
user_pref("CT2801948.ThirdPartyComponentsLastCheck", "Mon Nov 11 2013 19:19:06 GMT+0100");
user_pref("CT2801948.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2801948.ToolbarShrinkedFromSetup", false);
user_pref("CT2801948.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2801948.UserID", "UN89483010987865947");
user_pref("CT2801948.ValidationData_Toolbar", 0);
user_pref("CT2801948.WeatherNetwork", "");
user_pref("CT2801948.WeatherPollDate", "Mon Nov 11 2013 19:19:08 GMT+0100");
user_pref("CT2801948.WeatherUnit", "C");
user_pref("CT2801948.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2801948.alertChannelId", "1194029");
user_pref("CT2801948.amazonnew_all.from_oldbar.enc", "MjYwMTc3MSwyNzQwNjAxLDI3Mzc0ODEsMjczNzQ1MSwyNzM3NDExLDI3Mzc5ODEsMjczODAzMSwyNzQ0NTkxLDI3MzU2NDEsMjczNTYzMSwyNzQzNDcxIyMjM
user_pref("CT2801948.autoDisableScopes", -1);
user_pref("CT2801948.backendstorage.amazonnew_all", "323630313737312C323734303630312C323733373438312C323733373435312C323733373431312C323733373938312C323733383033312C3237343435
user_pref("CT2801948.backendstorage.hxxp://pinterest_aot_im.guid", "313333353533303139303934392D333634316366623638643335");
user_pref("CT2801948.backendstorage.hxxp://pinterest_aot_im.instts", "31333335353330313931343635");
user_pref("CT2801948.backendstorage.hxxp://pinterest_aot_im.isenabled", "59");
user_pref("CT2801948.backendstorage.searchappstate", "33");
user_pref("CT2801948.backendstorage.searchapptracking", "73656E74");
user_pref("CT2801948.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
user_pref("CT2801948.backendstorage.twitter_v1.9.0_twitter_app_open_t_f", "66616C7365");
user_pref("CT2801948.countryCode", "CZ");
user_pref("CT2801948.embeddedsData", "[{\"appId\":\"129306881621438061\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT2801948.firstTimeDialogOpened", true);
user_pref("CT2801948.fixPageNotFoundErrorByUser", "TRUE");
user_pref("CT2801948.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2801948.fullUserID", "UN89483010987865947.UP.2112");
user_pref("CT2801948.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2801948.globalFirstTimeInfoLastCheckTime", "Mon Nov 11 2013 19:19:16 GMT+0100");
user_pref("CT2801948.homepageProtectorEnableByLogin", true);
user_pref("CT2801948.hxxp___pinterest_aot_im.guid.from_oldbar.enc", "MTMzNTUzMDE5MDk0OS0zNjQxY2ZiNjhkMzU=");
user_pref("CT2801948.hxxp___pinterest_aot_im.instts.from_oldbar.enc", "MTMzNTUzMDE5MTQ2NQ==");
user_pref("CT2801948.hxxp___pinterest_aot_im.isenabled.from_oldbar.enc", "WQ==");
user_pref("CT2801948.initDone", true);
user_pref("CT2801948.installId", "ConduitNSISIntegration");
user_pref("CT2801948.installType", "ConduitXPEIntegration");
user_pref("CT2801948.isAppTrackingManagerOn", false);
user_pref("CT2801948.isCheckedStartAsHidden", true);
user_pref("CT2801948.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2801948.isFirstRadioInstallation", false);
user_pref("CT2801948.isFirstTimeToolbarLoading", "false");
user_pref("CT2801948.isPerformedSmartBarTransition", "true");
user_pref("CT2801948.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2801948.keyword", true);
user_pref("CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=UN8948301098786594
user_pref("CT2801948.lastVersion", "10.22.3.518");
user_pref("CT2801948.myStuffEnabled", true);
user_pref("CT2801948.myStuffPublihserMinWidth", 400);
user_pref("CT2801948.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2801948.myStuffServiceIntervalMM", 1440);
user_pref("CT2801948.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2801948.navigateToUrlOnSearch", false);
user_pref("CT2801948.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3FCUI%3DUN89483010987865947%26ctid%3DCT2801948%26SearchSource%3D13\",
user_pref("CT2801948.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2801948.oldAppsList", "129306881620344305,129306881621438061,111,129306881624250628,129306881624563129,129797778032571509,129797781958509142,129343840936544328,12
user_pref("CT2801948.originalHomepage", "hxxp://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=a6f0b0c5000000000000bc7737e32f89");
user_pref("CT2801948.originalSearchAddressUrl", "hxxp://search.babylon.com/?AF=100888&babsrc=adbartrp&mntrId=a6f0b0c5000000000000bc7737e32f89&q=");
user_pref("CT2801948.originalSearchEngine", "Search the web (Babylon)");
user_pref("CT2801948.revertSettingsEnabled", true);
user_pref("CT2801948.search.searchAppId", "129306881621438061");
user_pref("CT2801948.search.searchCount", "0");
user_pref("CT2801948.searchFromAddressBarEnabledByUser", "true");
user_pref("CT2801948.searchInNewTabEnabledByUser", "true");
user_pref("CT2801948.searchInNewTabEnabledInHidden", "true");
user_pref("CT2801948.searchProtectorDialogDelayInSec", 10);
user_pref("CT2801948.searchProtectorEnableByLogin", true);
user_pref("CT2801948.searchSuggestEnabledByUser", "true");
user_pref("CT2801948.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2801948.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2801948.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2801948\"}");
user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://NCHEN.OurToolbar.com//xpi\"}");
user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"NCH EN \"}");
user_pref("CT2801948.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2801948.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT2801948.serviceLayer_services_Configuration_lastUpdate", "1384887287711");
user_pref("CT2801948.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1384195646831");
user_pref("CT2801948.serviceLayer_services_appsMetadata_lastUpdate", "1384887285106");
user_pref("CT2801948.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1384195646235");
user_pref("CT2801948.serviceLayer_services_login_10.20.101.5_lastUpdate", "1384348060290");
user_pref("CT2801948.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384446243169");
user_pref("CT2801948.serviceLayer_services_login_10.22.3.518_lastUpdate", "1384887283980");
user_pref("CT2801948.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1384195646339");
user_pref("CT2801948.serviceLayer_services_searchAPI_lastUpdate", "1384887287660");
user_pref("CT2801948.serviceLayer_services_serviceMap_lastUpdate", "1384887285092");
user_pref("CT2801948.serviceLayer_services_toolbarContextMenu_lastUpdate", "1384887284449");
user_pref("CT2801948.serviceLayer_services_toolbarSettings_lastUpdate", "1384887285128");
user_pref("CT2801948.serviceLayer_services_translation_lastUpdate", "1384887284384");
user_pref("CT2801948.settingsINI", true);
user_pref("CT2801948.showToolbarPermission", "false");
user_pref("CT2801948.smartbar.CTID", "CT2801948");
user_pref("CT2801948.smartbar.Uninstall", "0");
user_pref("CT2801948.smartbar.homepage", true);
user_pref("CT2801948.smartbar.toolbarName", "NCH EN ");
user_pref("CT2801948.testingCtid", "");
user_pref("CT2801948.toolbarAppMetaDataLastCheckTime", "Mon Nov 11 2013 19:19:16 GMT+0100");
user_pref("CT2801948.toolbarBornServerTime", "4-3-2012");
user_pref("CT2801948.toolbarContextMenuLastCheckTime", "Mon Nov 11 2013 19:19:17 GMT+0100");
user_pref("CT2801948.toolbarCurrentServerTime", "19-11-2013");
user_pref("CT2801948.toolbarLoginClientTime", "Mon Nov 11 2013 19:47:25 GMT+0100");
user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f", "%EC%E7%F2%F9%EB");
user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
user_pref("CT2801948.upgradeFromOBVersion", true);
user_pref("CT2801948.usagesFlag", 2);
user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384887277278,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13");
user_pref("CommunityToolbar.ConduitSearchList", "NCH EN Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2801948/CT2801948", "\"d12346b4355f4cc362ce068c4c7777a63\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/DEFAULT", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", "\"1335476769\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us&ctid=CT2801948", "GNmdGrr6syWWiO5HPrW6Kg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us&ctid=CT2801948", "inm6N6Ad2DrQKGUsOGzkLg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us&ctid=CT2801948", "6nU8AIjBECdJeC23UVuipQ==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "4BgM4MhF/sOgPsDNmIs3Yw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us&ctid=CT2801948", "Y3Dtc1pIAMMkuUpvgoTeaw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us&ctid=CT2801948&UM=UM_UNINSTALL_ID", "Y3Dtc1pIAMMkuUpvgoTeaw==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"c70353cabc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"e0681bed78ad068a85c7ae4073122c0f\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\krajta5\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\dkhqnoho.default\\conduitCommon\\modules\\3.20.0.4");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.20.0.4");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?AF=100888&babsrc=adbartrp&mntrId=a6f0b0c5000000000000bc7737e32f89&q=");
user_pref("CommunityToolbar.ToolbarsList", "CT2801948");
user_pref("CommunityToolbar.ToolbarsList2", "CT2801948");
user_pref("CommunityToolbar.ToolbarsList4", "CT2801948");
user_pref("CommunityToolbar.globalUserId", "0a1b1639-5361-4e42-842e-009773d4a579");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2801948");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 11 2013 19:19:16 GMT+0100");
user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 11 2013 19:19:21 GMT+0100");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Nov 11 2013 19:19:14 GMT+0100");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "ff65ecaa-0f89-4a16-ae2f-cab4c430ced7");
user_pref("CommunityToolbar.originalHomepage", "hxxp://search.babylon.com/?AF=100888&babsrc=HP_ss&mntrId=a6f0b0c5000000000000bc7737e32f89");
user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)");
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?CUI=UN89483010987865947&ctid=CT2801948&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "NCH EN Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}&CUI=UN89483010987865947");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.babylon.com/?AF=100888&babsrc=adbartrp&mntrId=a6f0b0c5000000000000bc7737e32f89&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT2801948");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultenginename", "NCH EN Customized Web Search");
user_pref("browser.search.defaultthis.engineName", "NCH EN Customized Web Search");
user_pref("browser.search.selectedEngine", "NCH EN Customized Web Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?CUI=UN89483010987865947&ctid=CT2801948&SearchSource=13");
user_pref("extensions.3499ur3ur4hfsudfs.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,
user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"avira.com\":{\"c\":[1],\"ttl\":1384201469},\"conduit.com\":{\"c\":[1],\"ttl\":1385231528},\"facebook.com\":
user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":39,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Anal
user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\"");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100888");
user_pref("extensions.BabylonToolbar_i.hardId", "a6f0b0c5000000000000bc7737e32f89");
user_pref("extensions.BabylonToolbar_i.id", "a6f0b0c5000000000000bc7737e32f89");
user_pref("extensions.BabylonToolbar_i.instlDay", "15360");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100888&babsrc=NT_ss&mntrId=a6f0b0c5000000000000bc7737e32f89");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:05:20");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=2&CUI=UN89483010987865947&UM=&q=");
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartbar.addressBarOwnerCTID", "CT2801948");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13,hxxp://search.conduit.com/?CUI=UN89483010987865947&ctid=CT2801948&SearchSo
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchS
user_pref("smartbar.defaultSearchOwnerCTID", "CT2801948");
user_pref("smartbar.homePageOwnerCTID", "CT2801948");
user_pref("smartbar.machineId", "UGSUFEWITVQEM29JZLV53LLVRFRN+W5SFI8EPYT/VU68WNPEGZ7EFHDLSMDBAAPPGSU2L7PEX8UKSZN3+HTTUQ");
user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "NCH EN Customized Web Search");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=4.0005002");
Emptied folder: C:\Users\krajta5\AppData\Roaming\mozilla\firefox\profiles\dkhqnoho.default\minidumps [134 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\krajta5\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 19.11.2013 at 20:32:05,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: prosím o kontrolu logu

Napsal: 20 lis 2013 11:38
od vyosek
:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
:arrow: Spustte znovu AdwCleaner
  • Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: prosím o kontrolu logu

Napsal: 20 lis 2013 13:25
od krajta5
Na uvítanou po restartu znovu přestal odpovídat explorer.exe.
Příkládám i screen procesů.
http://imageshack.com/a/img5/7854/e188.png

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : krajta5 [Práva správce]
Mód : Odebrat -- Datum : 11/20/2013 13:07:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 3 ¤¤¤
[V2][SUSP UNIC] {39B3E20F-8E13-44BF-BAFB-E968763B49DA} : D:\Games\Battlefield 3?��\bf3.exe [x] -> VYMAZÁNO
[V2][SUSP PATH] {64FC7AA2-6D9C-41DB-97B7-3240C4A3E03A} : C:\Users\krajta5\Desktop\Age of Empires II\empires2.EXE [x] -> VYMAZÁNO
[V2][SUSP UNIC] {ABA0F6DB-05FC-43DF-9158-417081F7C0BE} : D:\Games\Battlefield 3?��\bf3.exe [x] -> VYMAZÁNO

¤¤¤ spuštění položky : 8 ¤¤¤
[All Users][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\All Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[CWSDPMI.SWP][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\CWSDPMI.SWP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[Default][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[Default User][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[desktop.ini][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\desktop.ini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[Public][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[Topag][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\Topag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->
[UpdatusUser][SUSP UNIC] SDATA1 (E) ??� zástupce.lnk : C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDATA1 (E) ??� zástupce.lnk [x] ->

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPVT-80HXZT1 +++++
--- User ---
[MBR] 1adc24914383b501ac1193c37206dec8
[BSP] a6dfcef95bdca6f6c690eb797753f4a9 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 190776 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 443140096 | Size: 260562 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD5000BPVT-80HXZT1 +++++
--- User ---
[MBR] cdf0b1ea425a593d0c5b85111dc0ee27
[BSP] e6c2cebec9d5914c6fe029aa4b621d92 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 238460 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488368128 | Size: 238479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: ( @ ) +++++
--- User ---
[MBR] f64e4c240b1cf74e6d7a18174aa256f0
[BSP] 6bcceb011703377df15c654d481e2472 : Empty MBR Code
Partition table:
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_11202013_130757.txt >>
RKreport[0]_S_11192013_205551.txt;RKreport[0]_S_11202013_130713.txt


# AdwCleaner v3.012 - Report created 20/11/2013 at 13:12:44
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : krajta5 - KRAJTA5-PC
# Running from : C:\Users\krajta5\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Users\krajta5\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\krajta5\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Smartbar
Folder Deleted : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\CT2801948
Folder Deleted : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
File Deleted : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\krajta5\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C21E753-381F-4430-9E5D-1EFC696EBE88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\prefs.js ]

Line Deleted : user_pref("CT2801948.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT2801948.1000082.state", "{\"state\":\"stopped\",\"text\":\"Virgin Ra...\",\"description\":\"Virgin Radio Classic Rock\",\"url\":\"hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=v[...]
Line Deleted : user_pref("CT2801948.1000234.TWC_locId", "GMXX0027");
Line Deleted : user_pref("CT2801948.CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2801948.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.FirstTime", "true");
Line Deleted : user_pref("CT2801948.FirstTimeFF3", "true");
Line Deleted : user_pref("CT2801948.UserID", "UN89483010987865947");
Line Deleted : user_pref("CT2801948.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2801948.countryCode", "CZ");
Line Deleted : user_pref("CT2801948.embeddedsData", "[{\"appId\":\"129306881621438061\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT2801948.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT2801948.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT2801948.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2801948.fullUserID", "UN89483010987865947.UP.2112");
Line Deleted : user_pref("CT2801948.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2801948.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2801948.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2801948.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2801948.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2801948.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2801948&octid=CT2801948&SearchSource=15&CUI=UN89483010987865947&SSPV=&Lay=1&UM=1\"}");
Line Deleted : user_pref("CT2801948.lastVersion", "10.22.3.518");
Line Deleted : user_pref("CT2801948.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Deleted : user_pref("CT2801948.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Ahome\",\"EB_MAIN_FRAME_TITLE\":\"Startovn%C3%AD%20str%C3%A1nka%20aplikace%20Mozilla%20Firefox\",\"EB_SEARCH_TERM\":\"\",\[...]
Line Deleted : user_pref("CT2801948.search.searchAppId", "129306881621438061");
Line Deleted : user_pref("CT2801948.search.searchCount", "0");
Line Deleted : user_pref("CT2801948.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT2801948.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2801948.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2801948.searchSuggestEnabledByUser", "True");
Line Deleted : user_pref("CT2801948.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT2801948.searchUserMode", "1");
Line Deleted : user_pref("CT2801948.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2801948\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://NCHEN.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"NCH EN \"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2801948.serviceLayer_services_Configuration_lastUpdate", "1384889914168");
Line Deleted : user_pref("CT2801948.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1384889914342");
Line Deleted : user_pref("CT2801948.serviceLayer_services_appsMetadata_lastUpdate", "1384889914434");
Line Deleted : user_pref("CT2801948.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1384889913919");
Line Deleted : user_pref("CT2801948.serviceLayer_services_login_10.22.3.518_lastUpdate", "1384889913127");
Line Deleted : user_pref("CT2801948.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1384889914067");
Line Deleted : user_pref("CT2801948.serviceLayer_services_searchAPI_lastUpdate", "1384889913714");
Line Deleted : user_pref("CT2801948.serviceLayer_services_serviceMap_lastUpdate", "1384889909392");
Line Deleted : user_pref("CT2801948.serviceLayer_services_setupAPI_lastUpdate", "1384889914295");
Line Deleted : user_pref("CT2801948.serviceLayer_services_toolbarContextMenu_lastUpdate", "1384889914195");
Line Deleted : user_pref("CT2801948.serviceLayer_services_toolbarSettings_lastUpdate", "1384889913747");
Line Deleted : user_pref("CT2801948.serviceLayer_services_translation_lastUpdate", "1384889913663");
Line Deleted : user_pref("CT2801948.settingsINI", true);
Line Deleted : user_pref("CT2801948.showToolbarPermission", "false");
Line Deleted : user_pref("CT2801948.smartbar.CTID", "CT2801948");
Line Deleted : user_pref("CT2801948.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2801948.smartbar.toolbarName", "NCH EN ");
Line Deleted : user_pref("CT2801948.toolbarCurrentServerTime", "19-11-2013");
Line Deleted : user_pref("CT2801948.toolbarInstallDate", "19-11-2013 20:38:29");
Line Deleted : user_pref("CT2801948.toolbarLoginClientTime", "Tue Nov 19 2013 20:38:28 GMT+0100");
Line Deleted : user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT2801948.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT2801948_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384889902866,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2801948/CT2801948", "\"d12346b4355f4cc362ce068c4c7777a63\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1194029/1189706/DEFAULT", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2801948", "\"1335476769\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"c70353cabc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"2a1a0d7b586ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2801948", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"e0681bed78ad068a85c7ae4073122c0f\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\krajta5\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\dkhqnoho.default\\conduitCommon\\modules\\3.20.0.4");
Line Deleted : user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"avira.com\":{\"c\":[1],\"ttl\":1384201469},\"conduit.com\":{\"c\":[1],\"ttl\":1385231528},\"facebook.com\":{\"c\":[1],\"ttl\":138505[...]
Line Deleted : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1383596666541,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.machineId", "KBMASN33ATJCDFHNBO0A7WAW9RG+VNDOINB2IYUKVEMNSDYXLHKF8NAF5KQZNFAP4LSSJG/QQXXYH8HZHG4TIQ");

-\\ Google Chrome v

[ File : C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R1].txt - [19870 octets] - [20/11/2013 13:09:30]
AdwCleaner[S0].txt - [19822 octets] - [20/11/2013 13:12:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19883 octets] ##########

Re: prosím o kontrolu logu

Napsal: 22 lis 2013 18:06
od vyosek
Poprosim o novy log z RSIT

Re: prosím o kontrolu logu

Napsal: 24 lis 2013 09:37
od krajta5
Logfile of random's system information tool 1.08 (written by random/random)
Run by krajta5 at 2013-11-24 09:34:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (12%) free of 191 GB
Total RAM: 4008 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:35:00, on 24.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\trend micro\krajta5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKUS\S-1-5-21-998483296-4234481553-3123803521-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-998483296-4234481553-3123803521-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O20 - Winlogon Notify: ddCUkHAP - Invalid registry found
O20 - Winlogon Notify: gEwTjIby - gEwTjIby.dll (file missing)
O20 - Winlogon Notify: hGvUNeCV - hGvUNeCV.dll (file missing)
O20 - Winlogon Notify: iifcCTMg - iifcCTMg.dll (file missing)
O20 - Winlogon Notify: vtUnkHxx - vtUnkHxx.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13723 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "864814906-1611358538-8485684962095097696-774125813131085103398888455442773397
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 3296
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000814
"C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2cbc0199-fa94-4263-b516-2ff51cfd9610 -SystemEventPortName:HostProcess-803de784-15e3-4bff-af09-e6dbc41f05dd -IoCancelEventPortName:HostProcess-985b5ce3-7dd5-446b-8cdf-add4c3ecf55c -NonStateChangingEventPortName:HostProcess-797d5881-9e91-4c68-a4c1-ec2994e88478 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3bb15fee-c9e9-41c4-a117-78f4a5099b98 -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {9D0A6496-AAF6-46BE-83A6-9E88B610B3B7}
\??\C:\Windows\system32\conhost.exe "-138502354010648658301342068034-4667065941914611007-7564198728861251321796066264
"C:\Windows\system32\Dwm.exe"
taskeng.exe {AE208006-C4EB-4521-A167-0B569DA30603}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-998483296-4234481553-3123803521-1001
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
Explorer.exe
C:\Windows\system32\WLANExt.exe 58569184
\??\C:\Windows\system32\conhost.exe "-176741092213364687251793609247547133228-2110748451-1143214992863743281-1093382997
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {D934E9AB-7CA9-4EC1-A8F4-03BC6D7A3E57}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\krajta5\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-03 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-03 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-05 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{876d9f09-c6d6-4324-a2cc-04dd9a4de12f}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26 74888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-05 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Client Framework"=C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [2010-10-12 192520]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-11-14 1064224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-07-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2012-11-13 450560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-30 1263512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiDownload]
C:\Program Files (x86)\StreamingStar\HiDownload_Platinum\HiDownloadPlatinum.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-12-14 399984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-12-14 172144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelPAN]
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-02 1935120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce]
wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder]
C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S60 PC Suite Tray]
C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe [2008-12-06 699392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-29 296056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium]
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [2010-09-17 322384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]
C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2010-10-08 1123664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 3]
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE [2010-12-31 548528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-08-22 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE [2009-11-03 258048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^krajta5^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Intel(R) Turbo Boost Technology Monitor 2.0.lnk]
C:\PROGRA~1\Intel\TURBOB~1\SIGNAL~1.EXE [2010-11-29 204288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-29 296056]
"Cisco AnyConnect Secure Mobility Agent for Windows"=c:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe [2013-10-10 707984]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-11-19 683576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-11-20 20:51:12 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-11-20 20:51:12 ----A---- C:\Windows\system32\nvspcap64.dll
2013-11-20 20:50:09 ----D---- C:\Program Files (x86)\AGEIA Technologies
2013-11-20 20:48:46 ----D---- C:\Windows\SYSWOW64\NV
2013-11-20 20:48:46 ----D---- C:\Windows\system32\NV
2013-11-20 20:45:14 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-11-20 20:45:14 ----A---- C:\Windows\system32\nvaudcap64v.dll
2013-11-20 20:45:14 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-11-20 20:45:09 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-11-20 20:45:08 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvopencl.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvoglv64.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvoglshim64.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvinitx.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\NvIFR64.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\NvFBC64.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvdispgenco6433182.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvdispco6433182.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvcuvid.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\nvcuda.dll
2013-11-20 20:45:08 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2013-11-20 20:45:08 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-11-20 20:45:05 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-11-20 20:45:05 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-11-20 20:45:05 ----A---- C:\Windows\system32\nvcompiler.dll
2013-11-20 20:35:06 ----HD---- C:\ProgramData\.syncID
2013-11-20 20:34:19 ----HD---- C:\ProgramData\.Syncables
2013-11-19 20:40:33 ----D---- C:\AdwCleaner
2013-11-19 19:57:46 ----D---- C:\Windows\ERUNT
2013-11-19 19:55:58 ----A---- C:\sc-cleaner.txt
2013-11-15 01:14:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-15 01:14:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-15 01:14:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-15 01:14:16 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-15 01:14:16 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-15 01:14:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-15 01:14:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-15 01:14:16 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 01:14:16 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-15 01:14:16 ----A---- C:\Windows\system32\iesetup.dll
2013-11-15 01:14:16 ----A---- C:\Windows\system32\iernonce.dll
2013-11-15 01:14:16 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-15 01:14:14 ----A---- C:\Windows\system32\iertutil.dll
2013-11-15 01:14:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-15 01:14:13 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-15 01:14:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-15 01:14:11 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-15 01:14:10 ----A---- C:\Windows\system32\jscript9.dll
2013-11-15 01:14:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-15 01:14:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-15 01:14:07 ----A---- C:\Windows\system32\urlmon.dll
2013-11-15 01:14:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-15 01:14:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-15 01:14:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-15 01:14:03 ----A---- C:\Windows\system32\wininet.dll
2013-11-15 01:14:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-15 01:13:57 ----A---- C:\Windows\system32\ieframe.dll
2013-11-15 01:13:55 ----A---- C:\Windows\system32\mshtml.dll
2013-11-15 01:13:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-14 20:26:35 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 18:35:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-14 09:45:25 ----A---- C:\Windows\system32\crypt32.dll
2013-11-14 09:45:24 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-14 09:45:09 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-14 09:45:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-14 09:45:04 ----A---- C:\Windows\system32\authui.dll
2013-11-14 09:45:03 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-14 09:45:03 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-14 09:45:03 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 09:45:03 ----A---- C:\Windows\system32\credui.dll
2013-11-14 09:44:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-14 09:44:46 ----A---- C:\Windows\system32\schannel.dll
2013-11-14 09:44:46 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-14 09:44:46 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-14 09:44:46 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-14 09:44:46 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-14 09:44:45 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-14 09:44:45 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-14 09:44:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-14 09:44:45 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-14 09:44:45 ----A---- C:\Windows\system32\sspicli.dll
2013-11-14 09:44:45 ----A---- C:\Windows\system32\secur32.dll
2013-11-14 09:44:45 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-14 09:44:45 ----A---- C:\Windows\system32\lsass.exe
2013-11-14 09:44:39 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-14 09:44:39 ----A---- C:\Windows\system32\gdi32.dll
2013-11-14 09:44:36 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-14 09:44:36 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-14 09:44:36 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-14 09:44:36 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-14 09:44:36 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 19:29:45 ----D---- C:\Users\krajta5\AppData\Roaming\VMware
2013-11-13 19:22:03 ----D---- C:\ProgramData\VMware
2013-11-11 22:16:21 ----D---- C:\Program Files (x86)\LANGMaster Škola DNES
2013-11-11 22:15:50 ----A---- C:\Windows\SYSWOW64\LMRTREND.dll
2013-11-11 22:15:50 ----A---- C:\Windows\SYSWOW64\LMRT.dll
2013-11-11 22:15:48 ----A---- C:\Windows\SYSWOW64\dxtmsft3.dll
2013-11-11 22:15:45 ----A---- C:\Windows\SYSWOW64\unam4ie.exe
2013-11-11 22:15:45 ----A---- C:\Windows\SYSWOW64\strmdll.dll
2013-11-11 22:15:38 ----A---- C:\Windows\SYSWOW64\vidx16.dll
2013-11-11 22:15:38 ----A---- C:\Windows\SYSWOW64\danim.dll
2013-11-11 22:15:37 ----A---- C:\Windows\SYSWOW64\qcut.dll
2013-11-11 22:15:36 ----A---- C:\Windows\SYSWOW64\w95inf32.dll
2013-11-11 22:15:36 ----A---- C:\Windows\SYSWOW64\w95inf16.dll
2013-11-11 22:05:08 ----D---- C:\Program Files (x86)\Cenega Czech
2013-11-11 21:49:09 ----D---- C:\Program Files (x86)\Polda 3
2013-11-11 21:47:03 ----D---- C:\Program Files (x86)\Polda 2
2013-11-11 21:44:12 ----D---- C:\Program Files (x86)\Jowood
2013-11-11 21:43:34 ----A---- C:\Windows\ufouni.ini
2013-11-11 21:43:26 ----D---- C:\Program Files\ufouni
2013-11-11 20:57:01 ----D---- C:\Program Files (x86)\Monte Cristo
2013-11-11 19:30:37 ----D---- C:\chipdvd
2013-11-11 08:59:28 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2013-11-09 20:55:52 ----D---- C:\ProgramData\2DBoy
2013-11-09 20:55:24 ----D---- C:\Program Files (x86)\WorldOfGoo
2013-11-05 20:34:49 ----D---- C:\Program Files (x86)\DOSBox-0.74
2013-11-05 20:30:54 ----D---- C:\games
2013-11-02 11:55:46 ----D---- C:\Users\krajta5\AppData\Roaming\Avira
2013-11-02 11:51:32 ----D---- C:\ProgramData\AskPartnerNetwork
2013-11-02 11:51:32 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-11-02 11:49:49 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2013-11-02 11:49:49 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-11-02 11:49:49 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-11-02 11:49:48 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-11-02 11:49:40 ----D---- C:\ProgramData\Avira
2013-11-02 11:49:40 ----D---- C:\Program Files (x86)\Avira
2013-11-02 06:58:37 ----A---- C:\AdwCleaner[R2].txt
2013-10-29 12:05:13 ----D---- C:\Users\krajta5\AppData\Roaming\FLEXnet
2013-10-29 12:05:10 ----D---- C:\Users\krajta5\AppData\Roaming\Nuance
2013-10-27 15:05:53 ----A---- C:\AdwCleaner[R1].txt
2013-10-26 14:27:39 ----A---- C:\Windows\ATKPF.ini

======List of files/folders modified in the last 1 months======

2013-11-24 09:35:00 ----D---- C:\Program Files\Trend Micro
2013-11-24 09:32:22 ----D---- C:\Windows\System32
2013-11-24 09:32:22 ----D---- C:\Windows\inf
2013-11-24 09:32:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-24 09:32:11 ----D---- C:\Windows\Prefetch
2013-11-24 09:30:06 ----D---- C:\Windows\system32\config
2013-11-24 09:29:48 ----D---- C:\Windows\tracing
2013-11-23 19:45:44 ----D---- C:\Windows\temp
2013-11-23 15:51:15 ----A---- C:\Windows\SYSWOW64\log.txt
2013-11-23 15:50:02 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-11-23 15:49:56 ----D---- C:\Windows\system32\Tasks
2013-11-23 15:49:48 ----A---- C:\Windows\system32\acovcnt.exe
2013-11-23 15:49:45 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-11-23 15:49:40 ----D---- C:\Windows
2013-11-23 15:48:20 ----D---- C:\ProgramData\NVIDIA
2013-11-23 15:47:56 ----D---- C:\Windows\SysWOW64
2013-11-22 21:25:32 ----SHD---- C:\System Volume Information
2013-11-22 00:13:10 ----D---- C:\Program Files (x86)\Steam
2013-11-20 21:21:54 ----D---- C:\ProgramData\Orbit
2013-11-20 21:21:30 ----D---- C:\Users\krajta5\AppData\Roaming\uTorrent
2013-11-20 20:56:41 ----D---- C:\ProgramData\NVIDIA Corporation
2013-11-20 20:51:12 ----D---- C:\Program Files\NVIDIA Corporation
2013-11-20 20:51:11 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-11-20 20:51:09 ----D---- C:\Windows\Microsoft.NET
2013-11-20 20:50:10 ----SHD---- C:\Windows\Installer
2013-11-20 20:50:09 ----D---- C:\Program Files (x86)
2013-11-20 20:49:51 ----D---- C:\Windows\system32\drivers
2013-11-20 20:49:50 ----D---- C:\Windows\system32\DriverStore
2013-11-20 20:49:50 ----D---- C:\Windows\system32\catroot
2013-11-20 20:35:06 ----D---- C:\ProgramData
2013-11-20 19:40:53 ----D---- C:\Users\krajta5\AppData\Roaming\Ubisoft
2013-11-20 18:22:29 ----D---- C:\Windows\system32\drivers\etc
2013-11-20 13:12:55 ----RD---- C:\Program Files
2013-11-20 13:12:46 ----D---- C:\ProgramData\ICQ
2013-11-20 12:54:28 ----RSD---- C:\Windows\assembly
2013-11-20 12:40:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-19 19:40:37 ----D---- C:\Program Files (x86)\Common Files
2013-11-19 19:40:25 ----D---- C:\Program Files\Common Files
2013-11-19 19:40:23 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-18 10:04:46 ----D---- C:\ProgramData\Microsoft Help
2013-11-18 09:36:13 ----SD---- C:\Users\krajta5\AppData\Roaming\Microsoft
2013-11-17 17:38:30 ----D---- C:\Windows\rescache
2013-11-16 23:14:08 ----D---- C:\Users\krajta5\AppData\Roaming\TeamViewer
2013-11-16 19:32:53 ----RSD---- C:\Windows\Fonts
2013-11-16 19:32:46 ----D---- C:\Program Files (x86)\TeamViewer
2013-11-16 16:10:14 ----D---- C:\Users\krajta5\AppData\Roaming\Assassin's Creed III
2013-11-15 07:19:38 ----D---- C:\Windows\winsxs
2013-11-15 07:15:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-15 07:15:12 ----D---- C:\Program Files\Internet Explorer
2013-11-15 07:15:10 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-15 07:15:10 ----D---- C:\Windows\system32\cs-CZ
2013-11-15 01:16:17 ----D---- C:\Windows\system32\catroot2
2013-11-15 01:12:14 ----D---- C:\Windows\system32\MRT
2013-11-15 01:02:14 ----A---- C:\Windows\system32\MRT.exe
2013-11-14 18:56:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-14 12:58:17 ----A---- C:\Windows\system32\nvumdshimx.dll
2013-11-14 12:58:16 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2013-11-14 12:58:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2013-11-14 12:58:07 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-11-14 12:58:01 ----A---- C:\Windows\system32\nvapi64.dll
2013-11-13 22:13:12 ----D---- C:\Program Files (x86)\JDownloader
2013-11-13 19:23:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-11-12 21:42:07 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-11-12 16:59:29 ----D---- C:\Program Files\Windows Media Player
2013-11-11 22:15:50 ----D---- C:\Program Files (x86)\Windows Media Player
2013-11-11 22:15:45 ----D---- C:\Windows\Help
2013-11-11 22:02:39 ----A---- C:\Windows\win.ini
2013-11-11 16:02:02 ----A---- C:\Windows\system32\nvsvc64.dll
2013-11-11 16:02:02 ----A---- C:\Windows\system32\nvcpl.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvvsvc.exe
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvsvcr.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvshext.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nvmctray.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nv3dappshextr.dll
2013-11-11 16:01:59 ----A---- C:\Windows\system32\nv3dappshext.dll
2013-11-10 21:50:07 ----D---- C:\Users\krajta5\AppData\Roaming\Skype
2013-11-08 22:06:16 ----D---- C:\Program Files\NetBeans 7.3.1
2013-11-07 22:45:19 ----D---- C:\ProgramData\Package Cache
2013-11-07 17:47:48 ----D---- C:\Users\krajta5\AppData\Roaming\Audacity
2013-11-06 15:19:33 ----RD---- C:\Users
2013-11-04 21:20:50 ----D---- C:\Program Files (x86)\Audacity
2013-11-04 11:00:38 ----D---- C:\Windows\system32\NDF
2013-10-27 13:51:03 ----D---- C:\Program Files (x86)\Samsung
2013-10-27 13:40:36 ----D---- C:\Program Files (x86)\Garena Plus
2013-10-27 13:40:19 ----D---- C:\Program Files (x86)\IrfanView
2013-10-27 13:36:09 ----D---- C:\Users\krajta5\AppData\Roaming\.minecraft
2013-10-27 13:22:26 ----D---- C:\Program Files (x86)\Adobe
2013-10-26 14:13:02 ----D---- C:\Program Files (x86)\Left4Dead
2013-10-25 06:48:39 ----RD---- C:\Program Files (x86)\Skype
2013-10-25 06:48:38 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 32544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-25 526392]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-11-19 132600]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-10 28600]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-11-19 106904]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2013-10-10 83160]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AMPPAL;Virtuální adaptér Intel(R) Centrino(R) Bluetooth 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-08-11 44032]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-17 270912]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-11-14 39200]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock64.sys [2013-10-10 112496]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-03-24 34200]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2010-11-11 141384]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynUSB64.sys [2006-11-16 31248]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-19 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-19 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-10-10 1164360]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-23 166352]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-02 1517328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-14 15125280]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-14 1914656]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-02 844560]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [2012-07-25 139776]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-14 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f C:\Program Files (x86)\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-11-18 569768]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-07-25 126976]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]

-----------------EOF-----------------

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 07:44
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 20:17
od krajta5
OTL Extras logfile created on: 25.11.2013 19:25:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\krajta5\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 53,82% Memory free
4,94 Gb Paging File | 2,18 Gb Available in Paging File | 44,22% Paging File free
Paging file location(s): c:\pagefile.sys 1000 6012d:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 21,67 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 4,10 Gb Free Space | 1,61% Space Free | Partition Type: NTFS
Drive E: | 232,87 Gb Total Space | 5,58 Gb Free Space | 2,39% Space Free | Partition Type: NTFS
Drive F: | 232,89 Gb Total Space | 6,14 Gb Free Space | 2,64% Space Free | Partition Type: NTFS
Drive G: | 612,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 1,84 Gb Total Space | 1,26 Gb Free Space | 68,65% Space Free | Partition Type: FAT

Computer Name: KRAJTA5-PC | User Name: krajta5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-998483296-4234481553-3123803521-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD21F58-800F-4A52-BEB5-2A0E8A6407F0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{21F530B5-BA01-4811-AAF5-CA87E9B8ACB6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{31478B08-141E-46B6-ADE5-41C9687CF2E8}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{3DD8444B-78FE-4EF9-98E9-009AF8EC87C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4664F37F-1F3E-4729-9525-81A1AED2C27C}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{4B86565F-B815-47C5-8F26-BE41BFABF5A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4E2F3363-C461-4783-80BD-8516F599415C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54713A08-6EDF-45D4-AF63-255B35B8BD87}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59629482-2AF7-4511-AF66-8F9BE22DD21D}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{5A70B61C-58A0-4282-AF77-9F08EFC1B3C3}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{72620C29-98AB-4000-8B5F-A3BC38B0CC36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72BDDD4D-0910-46B9-AE15-776C4DE44867}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82208918-3C11-4C29-AA4A-387F2DDB7B9E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8AE8D228-0F0B-4A3F-9CD9-EB31F70EAC97}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B6F2C2C-8018-43A7-B7AC-26177AFB6846}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{97FEAF32-9487-47E4-ABDC-C2FD34AD5F66}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B36B7768-F50C-44E2-99F3-8D7CF8C97D7E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C2A741E9-8DBA-4AFC-876E-F5397201E8E0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBC54ED4-304C-4E08-9301-86DC6D0CAB8F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CC7AA1C0-89BE-424F-BF41-CC9216AA06DA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF10A97F-53EB-4634-B1A3-2946666E9BF5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E44EC9A7-25EA-450C-93F7-5E643C48F901}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E492BB5A-A0C5-48B4-BD89-4A2C10B9DAE6}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E6394527-C607-400C-8B29-A0A9B3E7CFF1}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{FD410DEC-B69E-4A8A-9092-51ABE24BADEE}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{FF0E14E4-C858-4882-BB0F-5B5456352724}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0074771A-0942-46AA-81DD-B437E6BBEE6D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{03E6236A-2F24-4212-B235-02D336C17713}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{0427E420-3025-42B9-830E-E14CB191EE31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{05DAF888-144C-43D6-AC7B-FE4383CB1CD7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{092D710D-8FD1-485B-BE11-56BC3CED371A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{0963A3EE-4C19-4BEF-963A-85EEBC85547F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0CBC0FA5-6DCC-4B87-B3E8-3505C72FAC23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{0EC7A14C-5AAD-49B6-89E3-9C195EA43F61}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{11FCAB01-F781-4059-A759-446D5E792406}" = protocol=6 | dir=in | app=e:\assassin's creed\assassinscreed_dx9.exe |
"{12157139-A69B-4A7D-9D54-D128280B8FD7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{13841190-A249-4D48-BE67-E5B045699D06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15759503-9C5E-418C-8E11-B86F5300799F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{167AD153-4ACD-445A-82A0-D86FCB791CFF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{17976738-274D-4F1D-8EE6-B7BDB253674F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1AD4F468-1C49-4959-8B97-DEAB6D038D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{1BD30A10-CC2B-483A-A84C-EE24400157E2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{266AA3CA-E962-44A5-B279-CE62E342AC3D}" = protocol=17 | dir=in | app=e:\ac4\assassin's creed iv - black flag\ac4bfsp.exe |
"{31394A9D-4986-41DA-9E7A-FEC6E21DE764}" = protocol=17 | dir=in | app=e:\assassin's creed\assassinscreed_dx10.exe |
"{3279BECB-3B3D-4F6B-AFF4-D343176FF24E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{35AA83B7-F618-4DE3-9273-8E161C176EC6}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{37B20B28-0BF4-4057-A79E-23BCF0D2998E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{38ECD7B3-3D87-4BA8-B2E3-E5D5FCCEDDA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3B59A8F4-296D-4FAC-BA40-0E10E798413C}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{3DD94FA7-22C0-4A4D-AE43-3A17B66591D0}" = protocol=6 | dir=in | app=c:\users\krajta5\appdata\local\microsoft\windows\temporary internet files\content.ie5\kt9lqz99\facemoods.exe |
"{4005DADF-8E62-4ECD-944A-2DFE3ACCA10C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{401F10E5-3A5D-4535-8F84-2358EDBD6961}" = protocol=6 | dir=in | app=e:\assassin's creed\assassinscreed_launcher.exe |
"{40803DC0-777E-4A77-A5A1-361186DA87BF}" = protocol=17 | dir=in | app=e:\assassin's creed\assassinscreed_dx9.exe |
"{430F2244-0C58-4361-86CE-9D32BE34C098}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{47055178-769E-465A-9C07-EECB6680E6C8}" = protocol=6 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{4A1F1B20-3933-429C-895F-CEC92C7FBBC0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C5C55D3-6471-46B0-8C69-F90DE933EB3F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4D1ABAC6-71FA-496D-9E38-7F90CF8A13C9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{50C0BB12-4711-4E8D-97E5-11C29E6B5073}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{53A7CC16-C5C5-4F51-BEFE-772940C5D669}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{53D13D68-4A43-43EA-BAC4-45F6F4569ABE}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{54836FAB-128A-4EBA-91F9-9B49CA7EAA5C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{57BEAF39-1237-4DD8-99EA-C8E62E137EF0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5953734A-C6B1-4FEE-B0BA-26FC9061C5B1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{59542305-B3D7-4983-A26C-6F269AAB08CB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5B3CF587-354A-4C45-9A75-28C42D5E9E63}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5B891AAD-25BC-463B-90C9-67F5CF702EB4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E54007A-99BF-4EBD-A926-55AAA8443CC0}" = protocol=6 | dir=in | app=e:\assassin's creed\assassinscreed_dx10.exe |
"{5F08D05F-CFBA-48A3-AEED-F40102709CD7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{6550EDE6-744F-4B2F-B16E-9047246E13E4}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{6699F7F7-4D87-4539-9AAA-DEA4A096023D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6D617D5E-42A8-4CA5-B839-054F6C0112E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{6F77B30F-3B5E-48E9-8462-94D13698CB54}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{70F42E5D-511E-45C3-8558-9368B4CED112}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{713FB6D2-E12C-4D54-B2F0-B3418BCCA2DD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{7264D2DC-F088-4AB7-ABA4-B2CBCBF66A20}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{735C517E-88BF-4904-9DB6-446F2A6EFD3B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{752AC860-947B-49CF-A4D0-173F326A2B36}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{764518B2-C4B6-452D-952D-2BAC63B66478}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7930CC94-F542-45D5-A9F2-22DB852806EE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{7C6EEECD-140D-42D6-BAE6-17F74696AC89}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{7CFE709D-C800-483F-A0F5-FEAA5C4AC6C3}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{800941D1-E1F6-4D50-8C60-C99FC193E1D6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{870D46C7-41A2-4008-A44C-F23C2065481D}" = protocol=17 | dir=in | app=c:\users\krajta5\downloads\facemoods.exe |
"{8C6508A3-B59C-4618-BB83-09B247FE7F52}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{8CB5BA17-DD9E-425E-9736-A9E04BE9ECB7}" = protocol=17 | dir=in | app=e:\battlefield 2\bf2.exe |
"{8EFA07E6-69B4-4167-A200-2A13335B8496}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F5A0A74-2BE0-458A-BB37-23BA9D9197EA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{914C458E-2A22-4151-B54B-B2AD30C29CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{91E76949-866F-4FFA-A05B-B0085FDC8DA9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{959E3435-18D3-4492-9F57-B5D4FA2B6087}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{99CF86EA-2B5B-47DD-894D-784CCB6A0C8F}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{9CCE62AF-F7BC-4F89-B6AE-EAD12B380900}" = protocol=6 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{9F9C37B2-581E-46B4-A163-33BAA9F14B7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A29E37C7-9FC9-4864-BF93-2D3E6623B753}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{A2C4CE6D-60CD-43A9-9CC1-B02EF26EE173}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{A7B35817-81B1-4A4C-904F-63BDB029749C}" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe |
"{A9B3FA1C-B90B-4F41-8C4D-D0FC9E28CA26}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{AB25E366-E384-4809-BDE4-0315695B3271}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{AF0B1665-59B0-4066-A294-38B5BF5EE86E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B3F6C253-5EE8-4D0A-BB48-17CF77812BC0}" = protocol=6 | dir=in | app=e:\steamlibrary\steamapps\common\age2hd\launcher.exe |
"{B4B7DE15-5EC0-43C4-A385-7B70ACA49FCD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B9558C84-D03F-4A78-A195-A186F32B7496}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{BAB56921-8E2B-4642-85D9-4D75F4C11439}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{BBFD08F5-960A-4202-9409-C96F57ECBB06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BC0FFC68-DF06-42BD-AD02-80DC8AE938BD}" = protocol=17 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"{BC293144-D161-4470-910D-799EE4136763}" = protocol=6 | dir=in | app=c:\users\krajta5\downloads\facemoods.exe |
"{BD81ED31-4A67-4C0B-A3CC-0EDCB3A57407}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{BF18A71F-BA77-4F06-BFF8-4A5F75409729}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1A9760E-33CA-4834-985D-66E88D6B522E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C2129407-ED03-4F66-AAC8-8DE0AE9DB561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C41B0C14-7D3A-4161-93A8-41847DDCD23A}" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe |
"{C61AB335-6A5B-4DA4-85C3-7AE36BE3A2BC}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{C77E85D3-6FC7-42D2-9A0A-74005DCF4D6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D811E91B-4BBF-43A7-A25A-F184D192964D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{DAE8A95B-F6FF-4698-AE6B-38EF1B9EA498}" = protocol=6 | dir=in | app=e:\ac4\assassin's creed iv - black flag\ac4bfsp.exe |
"{DB2E4395-5090-422D-8CA8-3342588F8B39}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{DC27B41A-F414-4B47-9577-E498EE758A15}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{DDD8F3C8-F392-4947-AE25-3078FC780B59}" = protocol=6 | dir=out | app=system |
"{E5B43C71-C5E6-486D-B163-F370782EA53E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5DDCDE7-498E-4F7D-A817-55F0E7F61561}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{E5F34044-F319-412F-A2F9-93F480BFBE40}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E9DD7B00-EC26-40FF-8AD3-71B2F9914ECC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ECA37B2E-390B-4CC8-9518-F10E4749B5DB}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EDF44961-F9E2-41F8-B8B1-196179646816}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EF9B47A0-3B5F-4378-905F-FD74CBE66D97}" = protocol=6 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"{F2242793-7440-4A20-8659-305B447C608A}" = protocol=17 | dir=in | app=e:\assassin's creed\assassinscreed_launcher.exe |
"{F3DB4A5F-4B45-4654-9539-046706B2FF56}" = protocol=6 | dir=in | app=e:\battlefield 2\bf2.exe |
"{F59934E2-EA26-4F6C-9E70-6F78A325265D}" = protocol=17 | dir=in | app=c:\users\krajta5\appdata\local\microsoft\windows\temporary internet files\content.ie5\kt9lqz99\facemoods.exe |
"{F9A6B260-E6C2-4290-9029-3F964A5BB606}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{FA5B760A-E6CF-45D6-819B-A2B2A6AFA010}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FDB06DB5-471C-4085-8452-F2F592712B6D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{FE229320-926B-42B8-8ADB-BD09E92CFCC0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FEC68FBA-4CC5-48F9-945E-10B47A6F5ECC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0185A8EF-79DA-4585-B5C7-CF683019FE55}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{03B76C16-C158-44E6-8DB2-230C43DFD7B9}E:\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=e:\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"TCP Query User{0467A173-9E83-4B2F-B5A4-E4BECB22E83D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{04FB850A-E33F-4E5D-83B9-B25333D5357F}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"TCP Query User{0697045A-3C73-4AE7-9567-FED38F4AA94C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{07B5D6FE-6B64-459A-A569-71F662BD7486}D:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5mp_server.exe" = protocol=6 | dir=in | app=d:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5mp_server.exe |
"TCP Query User{1465E717-96CB-403F-A128-D4207D80C2FF}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{165ABA58-4D73-44E7-86E5-275F6C3B6BDD}C:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe |
"TCP Query User{19C6890E-5ECA-47C9-B5F5-8D1022BA30F4}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{1FFF4CC5-70D9-48FF-8018-AE2653810F06}C:\program files (x86)\zend\zend studio - 7.2.0\zendstudio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\zend\zend studio - 7.2.0\zendstudio.exe |
"TCP Query User{2079211F-0C30-46FB-BDC1-4F28A9C2E751}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{25226A5A-9752-45EC-8C61-4FF9F9E3C241}C:\program files (x86)\toxic games\qube\binaries\win32\qube.exe" = protocol=6 | dir=in | app=c:\program files (x86)\toxic games\qube\binaries\win32\qube.exe |
"TCP Query User{261A9DB9-254C-4E9C-BE07-57F01A09C639}D:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5sp.exe" = protocol=6 | dir=in | app=d:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5sp.exe |
"TCP Query User{2AC8110E-912B-4D80-95DE-5DF3C95762FC}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{385807C1-90B6-4E6C-B017-EF410747303F}C:\users\krajta5\appdata\roaming\jlc's software\internet tv\update.exe" = protocol=6 | dir=in | app=c:\users\krajta5\appdata\roaming\jlc's software\internet tv\update.exe |
"TCP Query User{3E0471BB-2E69-49A8-B88C-77937AD8D34B}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{3E206973-926A-4F6D-8461-1E354DAA210A}E:\call of duty black ops 2\call of duty black ops ii\t6mp.exe" = protocol=6 | dir=in | app=e:\call of duty black ops 2\call of duty black ops ii\t6mp.exe |
"TCP Query User{408EA36C-90F0-4176-8094-8E3CC1DB7EFC}K:\left4dead.exe" = protocol=6 | dir=in | app=k:\left4dead.exe |
"TCP Query User{416B5A83-9141-4261-82D9-B1133C1A69E5}D:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"TCP Query User{44156514-4E45-4674-9837-D5100FB71143}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{47022D50-8DD8-44F2-9410-365187C96514}C:\program files (x86)\konami\battle los angeles\bin\battlela.exe" = protocol=6 | dir=in | app=c:\program files (x86)\konami\battle los angeles\bin\battlela.exe |
"TCP Query User{4DABFA1E-57C2-47FD-A925-38157C988BB8}E:\bf2\bf2.exe" = protocol=6 | dir=in | app=e:\bf2\bf2.exe |
"TCP Query User{50785928-EB48-4C49-8368-488A33C8A759}C:\program files (x86)\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{52F6C4F0-30A2-471B-8882-D34AD55DB4F3}C:\program files (x86)\left4dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left4dead\left4dead.exe |
"TCP Query User{587399EC-1994-4547-BAA2-78862E901EF8}C:\program files (x86)\left4dead\left4dead.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left4dead\left4dead.exe |
"TCP Query User{59A90A24-531A-406C-B8B6-478E0188B06E}C:\program files (x86)\garena classic\garena.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"TCP Query User{5AA31B2C-C74C-4DA5-B7ED-1A9F7FE5D5DD}C:\program files (x86)\microsoft games\age of mythology\aom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aom.exe |
"TCP Query User{5CD2DCA1-1839-4C09-932D-DEA4111BBBEA}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{694E672A-09A7-45E5-BF87-F0A5F2F82B26}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{6C983F09-7EC9-48CC-958F-D066E60C9BA7}E:\call of duty black ops 2\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=e:\call of duty black ops 2\call of duty black ops ii\t6sp.exe |
"TCP Query User{74AF287E-9435-409B-9AA1-8EF8258CD523}E:\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=e:\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"TCP Query User{77084783-0F92-45A8-AFAD-4019537B69CA}C:\program files (x86)\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"TCP Query User{77F9C1F8-20DE-4FED-A80A-70A688E0C2CC}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{7B946A9B-4C79-4C9D-8B29-63623A1656BE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{7E3A8F05-FCCC-404D-91FC-76DE8F9486CD}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe |
"TCP Query User{7F87FE30-ACA6-4A7C-8794-0107ED4CEC2C}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"TCP Query User{803BC816-3220-4FD7-A82B-FD0EE372359F}C:\program files (x86)\1c\rc cars\rccars.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1c\rc cars\rccars.exe |
"TCP Query User{87EB2DEF-E733-4CF3-BFD9-304447E251B1}C:\program files (x86)\left4dead\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"TCP Query User{890B75B3-1144-4068-A7D8-0A3FB1A1500D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{96DC308E-C4E9-4AC9-8BDC-A010DA1EE3BB}C:\users\krajta5\desktop\age of empires ii\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\krajta5\desktop\age of empires ii\age2_x1\age2_x1.exe |
"TCP Query User{991E5EDD-6996-4BE2-B3FF-8C513A7E3B2C}C:\program files (x86)\steam\steamapps\krajta5\dark messiah might and magic multi-player\mm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\dark messiah might and magic multi-player\mm.exe |
"TCP Query User{99CC3CA6-4A7A-4498-9569-C3F94EA1D566}C:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe |
"TCP Query User{9DABE2A1-3508-488C-AD43-1932105B382E}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{9F3301A9-8A83-4DB3-BBB8-017D1825E59F}C:\users\krajta5\desktop\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\users\krajta5\desktop\age of empires ii\empires2.exe |
"TCP Query User{A27915D3-0E1E-4B9F-B07B-39181CD251E0}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{AD175F58-416B-413B-A24A-F7A0134AAC8B}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"TCP Query User{AD7E56F9-BFFB-470B-A367-66D232D6D776}C:\program files (x86)\lost planet 2\lp2dx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lost planet 2\lp2dx9.exe |
"TCP Query User{ADDF24B3-6BCD-4A0F-A756-2E88965AC124}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{D0E246B0-E15C-4466-B3A8-B743BBAFED7E}C:\program files (x86)\garena classic\garena.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"TCP Query User{DB11D9DB-F174-471A-BBB8-8E481F1F7C43}C:\program files (x86)\toxic games\qube\binaries\win32\qube.exe" = protocol=6 | dir=in | app=c:\program files (x86)\toxic games\qube\binaries\win32\qube.exe |
"TCP Query User{E2B9ABDA-0148-4BDF-9E6F-C0E1CE0BC32F}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{E2EB42EA-494C-4994-B75E-0BBF74E2D1D0}E:\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=e:\battlefield 2\bf2.exe |
"TCP Query User{E927E8B5-CB59-4845-AACF-5557B2E06F71}C:\users\topag\desktop\internettv.exe" = protocol=6 | dir=in | app=c:\users\topag\desktop\internettv.exe |
"TCP Query User{EC07275A-D114-4F0C-8F4F-527D0B0A02D5}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{ECBF88EA-DD65-42EB-B0DB-41F90861B3EE}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{F8FAF0E0-DC07-457A-8E1B-C0603F82BCA8}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{013F8A22-11E3-4459-A767-B39B840B3E11}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{055C3CD0-57FE-4ADB-97CE-8531276F682A}E:\call of duty black ops 2\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=e:\call of duty black ops 2\call of duty black ops ii\t6sp.exe |
"UDP Query User{12DD995A-4D66-422E-90F9-7362BD2D7777}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{1E9CB4C2-4EE9-42F9-9AF7-36941CB0167F}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{22E420A3-6524-4835-A3A0-56D6ACB5DC1C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{24D3EE55-92CA-4266-A9DB-0C5A62A95058}E:\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=e:\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"UDP Query User{282F5B00-2C4A-454A-9A34-4AA72E384FEE}C:\program files (x86)\toxic games\qube\binaries\win32\qube.exe" = protocol=17 | dir=in | app=c:\program files (x86)\toxic games\qube\binaries\win32\qube.exe |
"UDP Query User{2F86F961-FD37-469C-B8BD-C77598925314}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"UDP Query User{3C249475-7A96-4641-A329-8FB577D8E5FD}D:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5mp_server.exe" = protocol=17 | dir=in | app=d:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5mp_server.exe |
"UDP Query User{3C730ABA-2B28-4767-9FD1-F2F1BAE015ED}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe |
"UDP Query User{41E2F8B5-4511-4319-8238-C5B6E8645159}C:\users\krajta5\desktop\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\users\krajta5\desktop\age of empires ii\empires2.exe |
"UDP Query User{41F541AC-DB3B-4C3E-AAA3-853BAFFA08F6}E:\bf2\bf2.exe" = protocol=17 | dir=in | app=e:\bf2\bf2.exe |
"UDP Query User{477B038F-FEC5-4A43-BDFD-8044527D5B5C}C:\users\krajta5\desktop\age of empires ii\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\krajta5\desktop\age of empires ii\age2_x1\age2_x1.exe |
"UDP Query User{47CA51C0-C4A1-4F46-B6A2-35312BA4E6A9}K:\left4dead.exe" = protocol=17 | dir=in | app=k:\left4dead.exe |
"UDP Query User{49B7B72A-4DBE-483D-A4C0-8F5BEEF53924}C:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe |
"UDP Query User{4A845FEC-8AAA-4294-B89F-5900CD810BCC}E:\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=e:\left 4 dead 2\left 4 dead 2\left4dead2.exe |
"UDP Query User{4BF9C431-B2B8-407F-8102-81C4E8E829EA}C:\program files (x86)\toxic games\qube\binaries\win32\qube.exe" = protocol=17 | dir=in | app=c:\program files (x86)\toxic games\qube\binaries\win32\qube.exe |
"UDP Query User{598622E5-0CB5-4363-864D-251F8D9A542A}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{59E15204-2DCA-45BB-B9BE-260BC2514C25}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{62DB2634-4E49-4EA1-B339-023731C87BDF}C:\users\topag\desktop\internettv.exe" = protocol=17 | dir=in | app=c:\users\topag\desktop\internettv.exe |
"UDP Query User{67FC7204-C11E-4AEF-BD7A-A0283FFB5548}D:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=d:\games\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{6E83B7A4-8FB7-41A0-8ED9-8F4B90575B43}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{75D45FCA-CC3D-4A0A-868D-8ECD5BC56C82}C:\program files (x86)\left4dead\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left4dead\hl2.exe |
"UDP Query User{77B06191-7E28-4D76-9DC5-74D5BBE0E11A}C:\program files (x86)\konami\battle los angeles\bin\battlela.exe" = protocol=17 | dir=in | app=c:\program files (x86)\konami\battle los angeles\bin\battlela.exe |
"UDP Query User{7DCB620B-35E5-4CAD-ABFE-EF6808243D3F}C:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\team fortress 2\hl2.exe |
"UDP Query User{7F37C405-484E-4671-B249-B1D63034F7DA}C:\program files (x86)\zend\zend studio - 7.2.0\zendstudio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\zend\zend studio - 7.2.0\zendstudio.exe |
"UDP Query User{8C5AF4C5-8EE8-4FDE-9FF5-E669F900EDD5}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8F77F4AF-B4C4-4413-8D84-D9575A84D57C}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"UDP Query User{934C54CC-A3B0-4EB7-B69D-812D2AA9CEA0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{9701D94C-D93E-43DF-A4B9-8F3D1AFFB8AD}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |
"UDP Query User{9C838460-4D37-417E-8D19-8973CDECB140}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{A689450B-5753-4C63-9DF2-2507C8E5D0D8}E:\call of duty black ops 2\call of duty black ops ii\t6mp.exe" = protocol=17 | dir=in | app=e:\call of duty black ops 2\call of duty black ops ii\t6mp.exe |
"UDP Query User{AD336E62-4BBF-42BC-8436-01C07CD6BF52}C:\program files (x86)\steam\steamapps\krajta5\dark messiah might and magic multi-player\mm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\krajta5\dark messiah might and magic multi-player\mm.exe |
"UDP Query User{AE124497-9D96-4F47-B591-A265B9194ADE}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{B3B5F3EB-DD3F-406C-BB1E-782FF820D9C2}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{B5976F8C-25B2-400F-A818-635CD21FE65F}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{C5390BAC-7CA9-4E3B-AFE9-B625CA6DC007}C:\program files (x86)\microsoft games\age of mythology\aom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aom.exe |
"UDP Query User{CF9F3697-BA48-40C3-BC77-AC6687FAFBFC}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{D18E6B4D-1E05-4D43-98D5-05CAD8214CF7}C:\program files (x86)\garena classic\garena.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"UDP Query User{D1A8025B-43DF-4084-810F-855B413DC530}C:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"UDP Query User{D6F78840-ED45-4D7A-9951-3380CBA4A62D}C:\program files (x86)\1c\rc cars\rccars.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1c\rc cars\rccars.exe |
"UDP Query User{D74744E8-2904-4138-AA19-AD9404A8E41A}C:\users\krajta5\appdata\roaming\jlc's software\internet tv\update.exe" = protocol=17 | dir=in | app=c:\users\krajta5\appdata\roaming\jlc's software\internet tv\update.exe |
"UDP Query User{D98E97E5-EF93-4C48-8D8E-075A053B1EC5}C:\program files (x86)\left4dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left4dead\left4dead.exe |
"UDP Query User{E372F5FB-6273-4D9F-8E5B-92C74EC95ED9}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{E734EF9C-4233-4CED-AC18-AA307ADDB20E}C:\program files (x86)\lost planet 2\lp2dx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lost planet 2\lp2dx9.exe |
"UDP Query User{EA392761-1E65-4ACE-9D6A-C20B4A9F3B27}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{EE2B36F4-1B2A-461B-A0CF-660CE995EC07}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{EF0CE960-639C-4634-A346-B5905181D5A9}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{EF68F873-CB3C-4EAE-96E1-C4A8B11A43B1}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"UDP Query User{EF8385C2-33A2-4669-8B8A-9F769EF8F3DD}E:\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=e:\battlefield 2\bf2.exe |
"UDP Query User{F52C681E-ADAF-462F-B6A6-1EFE8A3A7D00}C:\program files (x86)\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"UDP Query User{F8B8CEE4-A54B-4CE7-ACF1-3B34D97C6C2A}C:\program files (x86)\garena classic\garena.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"UDP Query User{F8EF2B21-96BF-4469-92F8-C86F81CC95FD}C:\program files (x86)\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{F915432B-A9F4-4F97-8507-B4BDBB14A79C}D:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5sp.exe" = protocol=17 | dir=in | app=d:\call of duty modern warfare 3 (unlocked) by heckerfcb\hra\iw5sp.exe |
"UDP Query User{FB4D2A86-6218-4D0F-982F-2282D6572A65}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{FF2B6FAA-3402-485B-9667-1DC703CCCCCD}C:\program files (x86)\left4dead\left4dead.exe" = protocol=17 | dir=in | app=c:\program files (x86)\left4dead\left4dead.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{13417784-A359-3CDD-8DE1-B7108707D647}" = Visual Studio 2012 Prerequisites - ENU Language Pack
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1BF5ECDD-47AC-411B-9BC5-96F01346CD7C}" = Windows Live Family Safety
"{1D2596F8-5EDD-4F8A-BA88-734E5549DD72}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{24A534BC-AC8B-44A8-A417-135F28F8E9EE}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{28D85F24-B685-3364-BB7C-284C88C2FFE5}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BB3027E-7ABE-43EA-BA1B-9521EF69B530}" = Windows Live Family Safety
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{55EFD1A6-ED8E-3A4C-9581-5E1A1FF244CD}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU
"{572E796D-C52B-3797-A685-2FB6F895D4BE}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}" = Visual Studio 2012 Prerequisites
"{633AB014-DDE6-403E-A302-8920CC32C543}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{64A3A4F4-B792-11D6-A78A-00B0D0170250}" = Java SE Development Kit 7 Update 25 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6AAF4427-3039-4C8A-BE53-D6F01C21AD46}" = Microsoft Visual Studio 2012 IntelliTrace Core amd64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A0CC1C12-528A-42A3-B9A3-10C4F9E65C9E}" = Windows Live Family Safety
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A986CF32-C1C2-4B53-91AD-78EE027875C7}" = Windows Live Family Safety
"{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}" = Microsoft Web Deploy 3.0
"{AAE97E7E-B3A6-42BA-ADA5-04A0E6FD7224}" = Windows Live Family Safety
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 331.82
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{D0AB8C9D-93CE-4F48-A0D8-8A04D442F272}" = Windows Live Family Safety
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D9F3D00D-E946-3B3D-A4A6-93D5020DB9F7}" = Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{E3525BFB-1C0B-4022-98EE-824E3757E83F}" = Windows Live Family Safety
"{E892324D-9386-4105-806C-5550304CE519}" = Windows Live Family Safety
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F71F4E15-C711-4010-B1BD-74EE2618B86F}" = Windows Live Family Safety
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE74AC04-F248-4641-B3A9-89C6AA4339CD}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"Defraggler" = Defraggler
"Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"nbi-nb-base-7.3.1.0.201306052037" = NetBeans IDE 7.3.1
"ProInst" = Intel PROSet Wireless
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"UDK-db23b267-846a-4c5c-8591-2cb2dbca6564" = My Game Long Name
"WinRAR archiver" = WinRAR 4.01 (64-bit)

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 20:18
od krajta5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{046806D1-0A38-3FCA-AF84-F71C50A0C363}" = Microsoft Visual Studio Premium 2012
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0A1A1D48-DB23-443A-BC7B-49255D138020}" = Entity Framework Designer for Visual Studio 2012 - enu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{106F886B-A874-43DF-BCC4-01DB57E1F3C6}" = Windows Movie Maker 2 Winter Fun Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{1172AC15-080E-30E3-85B0-FF59AD2E6315}" = Microsoft Visual Studio Ultimate 2012 - ENU
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{246B0F46-F84E-4857-8C47-F2A86B598BC5}" = Microsoft Visual Studio 2012 Preparation
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{29F259D7-C517-3EED-84B4-237573CFD39C}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2F6CE32A-018D-4656-895B-9E5E20D7740A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
"{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1" = AML Free Registry Cleaner 4.25
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3FD1CB9F-807F-451B-926C-9D19C84CFC61}" = Messenger Suradnik
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D400407-6332-4101-8C78-506C85813506}" = Sony Ericsson OCS
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{532DBCC8-9468-435C-AEF6-30B7F50735A2}" = Blend for Visual Studio 2012 ENU resources
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57D782D7-49FD-48DE-AB47-A690A1519A2D}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{59D87F40-6C4B-4F80-A42B-FAA0E6EAFAB6}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DC26B5D-B2FD-482C-BA70-D81400AAB374}" = Cleanlab Application
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F066545-40A2-4C38-A8F7-78581CC5C442}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FC3B79F-47C6-38AF-B9A9-67DE3C639598}" = Microsoft Visual Studio Premium 2012 - ENU
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{731C183B-86A0-3442-BE55-68A7C92581E9}" = Microsoft Visual C++ 2012 Extended Libraries
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{790E9425-8570-493F-9AE7-81AFC9E46930}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AA828F3-BD67-495E-9742-BD9C3F196E78}" = PC Suite
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E274911-32ED-4489-9B04-4EF100D0E4D3}" = „Messenger“ pagalbinė priemonė
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EC376A3-F279-47D7-97AA-7BA2A2EB006E}" = Cisco AnyConnect Secure Mobility Client
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{902585EB-8FA3-43A5-AD1C-5C9821A77114}" = Messenger Pratilac
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{942CC691-5B98-42A3-8BC5-A246BA69D983}" = Microsoft ASP.NET MVC 4 Runtime
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1" = "Assassin's Creed IV - Black Flag"
"{9600393b-6ede-469b-a522-689fce1461d1}" = Microsoft Visual Studio Ultimate 2012
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0E2CD91-BC77-411F-BD5D-5ABCA8C7C5B8}" = Sony Ericsson Mobile Phone Monitor
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5F21073-4C0F-4844-B306-F20ADFEB12E2}" = Scooby Doo - Prokletí sfingy
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB6F6C80-1C35-4672-BDEF-F26FF214C409}" = Samsung PC Studio 7
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B1465D1D-6427-4CA1-AE29-8B699209E663}" = Microsoft Visual Studio 2012 Devenv Resources
"{B3533B84-A8DF-4A7A-8E95-B15F08B26E96}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}" = LocalESPCui for en-us
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B8DAA517-A144-4833-A7F5-0B3E861272F5}" = RAPTOR
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) verze v2011.build.48
"{B96FCD4F-6EDD-4258-8A6D-0FCEA8445E3E}" = Microsoft Web Developer Tools - Visual Studio 2012
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{B9F35D86-242E-3FA4-B9F8-A982E0DF918D}" = Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
"{BAD0254F-9BDB-3D14-A5AC-9C0EF51F3D09}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}" = LocalESPC
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4CAD994-6EA2-3121-8352-DA593150B322}" = Microsoft Portable Library Multi-Targeting Pack
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}" = Windows Runtime Intellisense Content - en-us
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047-13339EDBEC28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D4F81B27-4054-4AD6-A588-265508BAA17C}" = Messenger Companion
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D971780F-A609-4F78-92AA-B56FBC3955B9}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E3839628-F67D-40E7-BEF9-C0FEBABABB52}" = Messengeri kaaslane
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4ADE757-7FE9-322D-9CAE-C77D77A2D2BF}" = Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFA87714-E75A-3BFC-A698-A3AABA5A8A0C}" = Microsoft Visual Studio Ultimate 2012
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F14F9EE9-9B68-42B4-90F7-0924F7619281}" = Spremljevalec Messenger
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA804794-2CCB-4301-954F-2C2894698876}" = Microsoft SQL Server Data Tools - enu (11.1.20627.00)
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FBBC8076-BB21-4E06-9FA0-309AEF6E35EE}" = Microsoft ASP.NET Web Pages 2 Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Assassin's Creed III_R.G. Mechanics_is1" = Assassin's Creed III
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_K3 Series_ENG_Basic" = AsusScr_K3 Series_ENG_Basic
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bookworm Deluxe" = Bookworm Deluxe
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"Cooking Dash" = Cooking Dash
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dia" = Dia (pouze odstranit)
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"Jewel Quest 3" = Jewel Quest 3
"JLC's Internet TV" = JLC's Internet TV
"L4D2SPUC" = Left 4 Dead 2 Standalone Patch™
"LAME_is1" = LAME v3.99.3 (for Windows)
"LANGMaster Škola DNES_is1" = LANGMaster Škola DNES
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Meteor 2" = Meteor 2
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Plants vs Zombies" = Plants vs Zombies
"Polda II_is1" = Polda II
"Polda III_is1" = Polda III
"ProInst" = Intel PROSet Wireless
"RealPlayer 15.0" = RealPlayer
"Samsung PC Studio 7" = Samsung PC Studio 7
"SpeedFan" = SpeedFan (remove only)
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 570" = Dota 2
"TeamViewer 8" = TeamViewer 8
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-998483296-4234481553-3123803521-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.11.2013 10:10:45 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x18ac Čas spuštění chybující aplikace: 0x01cee91ef7729402 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 358b3860-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:10:51 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000053290
ID
chybujícího procesu: 0xf40 Čas spuštění chybující aplikace: 0x01cee91efac6866b Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 38e28636-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:10:57 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x454 Čas spuštění chybující aplikace: 0x01cee91efe96fda8 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 3caa98e3-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:04 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x1964 Čas spuštění chybující aplikace: 0x01cee91f02b5bd19 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 40d147b2-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:07 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0xfec Čas spuštění chybující aplikace: 0x01cee91f047092f5 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 4285b4d6-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:14 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x1460 Čas spuštění chybující aplikace: 0x01cee91f089daa7d Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 46b3418f-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:18 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x11a0 Čas spuštění chybující aplikace: 0x01cee91f0b499aa0 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 495aebe3-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:24 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x1404 Čas spuštění chybující aplikace: 0x01cee91f0eb2c309 Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 4cc4d79f-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 10:11:31 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.exe, verze: 6.1.7601.17567, časové
razítko: 0x4d672ee4 Název chybujícího modulu: ASUSWSShellExt64.dll, verze: 1.1.0.27,
časové razítko: 0x4c7f631d Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000051da
ID
chybujícího procesu: 0x1520 Čas spuštění chybující aplikace: 0x01cee91f12d1827b Cesta
k chybující aplikaci: C:\Windows\Explorer.exe Cesta k chybujícímu modulu: C:\Program
Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll ID zprávy: 50e4a885-5512-11e3-b736-00059a3c7a00

Error - 24.11.2013 12:55:06 | Computer Name = krajta5-PC | Source = Application Error | ID = 1000
Error - 24.11.2013 12:55:07 | Computer Name = krajta5-PC | Source = Application
Error | ID = 1000

Description = Název chybující aplikace: mspaint.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bca29
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521eaf24
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000c4102
ID chybujícího procesu: 0x1dac
Čas spuštění chybující aplikace: 0x01cee935e18afe3e
Cesta k chybující aplikaci: C:\Windows\system32\mspaint.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2be839e8-5529-11e3-b736-00059a3c7a00
Error - 25.11.2013 13:59:06 | Computer Name = krajta5-PC | Source = CVHSVC | ID
= 100

Description = Pouze informace
(Patch task for {90140011-0066-0405-0000-0000000FF1CE}): DownloadLatest Failed:

Error encountered while reading event logs.

< End of report >

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 20:20
od krajta5
OTL logfile created on: 25.11.2013 19:24:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\krajta5\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,91 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 53,82% Memory free
4,94 Gb Paging File | 2,18 Gb Available in Paging File | 44,22% Paging File free
Paging file location(s): c:\pagefile.sys 1000 6012d:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 21,67 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive D: | 254,45 Gb Total Space | 4,10 Gb Free Space | 1,61% Space Free | Partition Type: NTFS
Drive E: | 232,87 Gb Total Space | 5,58 Gb Free Space | 2,39% Space Free | Partition Type: NTFS
Drive F: | 232,89 Gb Total Space | 6,14 Gb Free Space | 2,64% Space Free | Partition Type: NTFS
Drive G: | 612,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 1,84 Gb Total Space | 1,26 Gb Free Space | 68,65% Space Free | Partition Type: FAT

Computer Name: KRAJTA5-PC | User Name: krajta5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.11.25 19:21:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\krajta5\Desktop\OTL.exe
PRC - [2013.11.19 10:41:05 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.11.19 10:40:27 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.11.19 10:40:26 | 000,683,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.11.14 12:58:33 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.11.14 12:58:23 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.10.23 19:43:27 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.10.10 22:47:54 | 000,707,984 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013.10.10 22:47:38 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013.10.10 19:14:15 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
PRC - [2013.10.09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012.05.29 22:38:59 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.03.30 22:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.03.30 22:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.08.17 22:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010.07.19 20:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2013.11.14 12:58:09 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013.10.10 22:48:38 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2013.10.09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013.10.09 01:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013.10.09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013.10.09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013.10.09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013.10.09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2009.05.15 23:22:42 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM_Samsung.dll
MOD - [2008.12.06 00:41:50 | 000,619,008 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PhoneBrowser.dll
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2013.11.14 12:58:38 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.02 22:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.05.02 22:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.05.02 22:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011.04.21 08:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011.04.21 07:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2010.11.30 21:19:52 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.11.29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.09.17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2008.07.29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2013.11.24 20:33:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.19 10:41:05 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.11.19 10:40:27 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.11.18 21:53:42 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.11.14 12:58:23 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.11.11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.10.23 19:43:27 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.10.10 22:47:38 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013.10.10 19:14:15 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2013.10.09 19:04:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.09.05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012.12.14 01:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.07.25 17:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012.07.25 17:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012.07.08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.03.30 22:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.03.30 22:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.03.30 22:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.10.06 05:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.06 05:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.11.19 10:41:15 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.11.19 10:41:15 | 000,106,904 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.11.14 12:58:46 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.14 12:58:16 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.10.10 22:31:34 | 000,052,080 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2013.10.10 22:29:26 | 000,112,496 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2013.10.10 19:14:15 | 000,083,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:64bit: - [2013.10.10 19:14:15 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.06.26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013.06.26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012.12.14 01:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.12.13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.25 09:14:10 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.08.17 21:32:29 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.05.01 22:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.04.21 17:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.04.21 17:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.03.24 14:47:04 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011.03.24 14:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.03.24 14:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.03.23 02:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.08 22:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.03.08 22:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010.12.13 14:12:40 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.11.29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:49:52 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010.11.11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.11.11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010.11.11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010.09.17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010.09.17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010.09.17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010.08.24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.08.11 07:11:26 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010.07.01 11:09:50 | 000,224,488 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2010.07.01 11:09:50 | 000,039,016 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009.10.12 14:23:22 | 000,114,304 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.10.05 14:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009.10.05 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.10 14:31:56 | 000,117,248 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.08.28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2006.11.16 15:58:46 | 000,031,248 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\synUSB64.sys -- (SynasUSB)
DRV - [2012.07.13 15:13:14 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2010.07.26 21:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.10.26 03:43:18 | 000,038,944 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009.10.26 03:43:16 | 000,117,152 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2009.10.05 14:22:20 | 000,044,320 | R--- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2006.07.24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [1999.09.14 19:43:44 | 000,014,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (Secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.loc

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.loc

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *


========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.04.01 10:25:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.29 22:39:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.15 19:01:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.24 20:33:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.24 20:33:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.24 20:33:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.24 20:33:46 | 000,000,000 | ---D | M]

[2011.11.15 15:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krajta5\AppData\Roaming\Mozilla\Extensions
[2013.11.20 13:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions
[2013.07.05 12:24:06 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com
[2013.07.05 12:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profilesdkhqnoho.default\extensions
[2013.07.05 12:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profilesdkhqnoho.default\extensions\staged
[2013.11.24 20:33:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.11.24 20:33:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.11.24 20:33:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.05 12:18:41 | 000,003,726 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.ask.com/?l=dis&o=14672cr
CHR - Extension: Dokumenty Google = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\krajta5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.07.03 16:31:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] c:\program files (x86)\cisco\cisco anyconnect secure mobility client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [Samsung.PCSync] C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia)
O4 - HKU\S-1-5-18..\Run: [Samsung.PCSync] C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe (Nokia)
O4 - HKU\S-1-5-21-998483296-4234481553-3123803521-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-21-998483296-4234481553-3123803521-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-998483296-4234481553-3123803521-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-998483296-4234481553-3123803521-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-998483296-4234481553-3123803521-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{671103DF-A04F-4BE4-AB3D-5398567F3445}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ddCUkHAP: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\gEwTjIby: DllName - (gEwTjIby.dll) - File not found
O20 - Winlogon\Notify\hGvUNeCV: DllName - (hGvUNeCV.dll) - File not found
O20 - Winlogon\Notify\iifcCTMg: DllName - (iifcCTMg.dll) - File not found
O20 - Winlogon\Notify\vtUnkHxx: DllName - (vtUnkHxx.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.03 16:01:34 | 000,000,141 | R--- | M] () - G:\AutoRun.ini -- [ CDFS ]
O32 - AutoRun File - [2001.11.12 14:59:18 | 000,373,248 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.06.17 09:28:35 | 000,000,049 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.aacacm - C:\Windows\SysWow64\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.CSCD - camcodec.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.IPJ2 - jp2avi.dll File not found
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: vidc.VP40 - vp4vfw.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP70 - vp7vfw.dll File not found
Drivers32: vidc.x264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.11.25 19:21:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\krajta5\Desktop\OTL.exe
[2013.11.24 20:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.11.24 17:54:17 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013.11.21 22:08:59 | 000,000,000 | ---D | C] -- C:\Users\krajta5\Desktop\pizza expres
[2013.11.20 21:11:20 | 000,000,000 | ---D | C] -- C:\Users\krajta5\Desktop\Assassins.Creed.IV.Black.Flag.Crack.Only-RELOADED
[2013.11.20 21:08:35 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Local\NVIDIA
[2013.11.20 20:51:12 | 001,064,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013.11.20 20:51:12 | 000,955,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013.11.20 20:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.11.20 20:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.11.20 20:48:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2013.11.20 20:48:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2013.11.20 20:45:14 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013.11.20 20:45:14 | 000,029,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2013.11.20 20:45:14 | 000,028,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013.11.20 20:45:09 | 018,293,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.11.20 20:45:08 | 030,361,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.11.20 20:45:08 | 022,951,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.11.20 20:45:08 | 018,208,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.11.20 20:45:08 | 015,862,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.11.20 20:45:08 | 011,600,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.11.20 20:45:08 | 011,514,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.11.20 20:45:08 | 009,691,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.11.20 20:45:08 | 009,619,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.11.20 20:45:08 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.11.20 20:45:08 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.11.20 20:45:08 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.11.20 20:45:08 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.11.20 20:45:08 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433182.dll
[2013.11.20 20:45:08 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433182.dll
[2013.11.20 20:45:08 | 000,707,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.11.20 20:45:08 | 000,657,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.11.20 20:45:08 | 000,609,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.11.20 20:45:08 | 000,562,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.11.20 20:45:08 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.11.20 20:45:08 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.11.20 20:45:08 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.11.20 20:45:08 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2013.11.20 20:45:05 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.11.20 20:45:05 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.11.20 20:45:05 | 002,697,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.11.20 20:35:37 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Local\ASUS
[2013.11.20 20:35:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\.syncID
[2013.11.20 20:34:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\.Syncables
[2013.11.20 14:16:02 | 000,000,000 | ---D | C] -- C:\Users\krajta5\Desktop\logy
[2013.11.20 13:18:31 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Local\CrashDumps
[2013.11.19 20:40:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.19 19:57:46 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.11.19 19:55:00 | 000,406,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\krajta5\Desktop\sc-cleaner.exe
[2013.11.19 19:54:52 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\krajta5\Desktop\JRT.exe
[2013.11.19 19:05:53 | 000,000,000 | ---D | C] -- C:\Users\krajta5\Documents\Assassin's Creed IV Black Flag
[2013.11.19 19:03:05 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Local\Game Updater
[2013.11.19 19:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag
[2013.11.19 12:18:12 | 000,000,000 | ---D | C] -- C:\Users\krajta5\AppData\Local\Setup Integrity Check
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\krajta5\Desktop\*.tmp files -> C:\Users\krajta5\Desktop\*.tmp -> ]
[1 C:\Users\krajta5\*.tmp files -> C:\Users\krajta5\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.11.25 19:32:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.25 19:29:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.25 19:21:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\krajta5\Desktop\OTL.exe
[2013.11.25 19:12:57 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.25 19:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.25 18:58:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.24 22:07:33 | 152,405,424 | ---- | M] () -- C:\Users\krajta5\Desktop\555 620 379_2013-11-24 21.40.tvs
[2013.11.24 20:22:36 | 000,041,482 | ---- | M] () -- C:\Users\krajta5\Desktop\1462968_254710901349249_474135773_n.jpg
[2013.11.24 20:18:26 | 000,086,324 | ---- | M] () -- C:\Users\krajta5\Desktop\1465347_202761989910980_580711484_n.jpg
[2013.11.24 17:54:17 | 000,000,969 | ---- | M] () -- C:\Users\krajta5\Desktop\SpeedFan.lnk
[2013.11.24 17:54:16 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013.11.24 15:19:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.24 15:19:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.24 15:09:51 | 000,038,673 | ---- | M] () -- C:\Users\krajta5\Desktop\Ctvrtek8h.pdf
[2013.11.24 15:07:40 | 000,073,383 | ---- | M] () -- C:\Users\krajta5\Desktop\StudiaStudenta_I13243.pdf
[2013.11.24 09:32:22 | 001,617,206 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.11.24 09:32:22 | 000,680,996 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.11.24 09:32:22 | 000,666,344 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.24 09:32:22 | 000,145,706 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.11.24 09:32:22 | 000,126,298 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.24 09:31:18 | 000,832,273 | ---- | M] () -- C:\Users\krajta5\Desktop\RSITx64.exe
[2013.11.23 15:50:02 | 000,001,984 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.11.23 15:49:48 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013.11.23 15:49:45 | 000,003,104 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.11.23 15:48:29 | 000,262,144 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.11.23 15:47:58 | 3152,130,048 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.22 11:55:28 | 000,007,661 | ---- | M] () -- C:\Users\krajta5\AppData\Local\resmon.resmoncfg
[2013.11.20 21:09:06 | 000,553,712 | ---- | M] () -- C:\Users\krajta5\Desktop\ntb.png
[2013.11.20 20:56:31 | 000,001,309 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.11.20 15:30:31 | 000,000,712 | ---- | M] () -- C:\Users\krajta5\Desktop\Assassin's Creed – zástupce.lnk
[2013.11.19 21:35:51 | 000,238,233 | ---- | M] () -- C:\Users\krajta5\Desktop\Autoskola Albert1 .jpg
[2013.11.19 21:33:04 | 019,440,593 | ---- | M] () -- C:\Users\krajta5\Desktop\Múzy dětem Výjezd č326 DD Semily III.flv
[2013.11.19 21:10:50 | 000,077,502 | ---- | M] () -- C:\Users\krajta5\Desktop\exkurze2.png
[2013.11.19 21:10:21 | 000,087,789 | ---- | M] () -- C:\Users\krajta5\Desktop\exkurze.png
[2013.11.19 20:39:13 | 001,085,542 | ---- | M] () -- C:\Users\krajta5\Desktop\AdwCleaner.exe
[2013.11.19 19:55:09 | 003,679,744 | ---- | M] () -- C:\Users\krajta5\Desktop\RogueKiller.exe
[2013.11.19 19:55:02 | 000,406,264 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\krajta5\Desktop\sc-cleaner.exe
[2013.11.19 19:54:53 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\krajta5\Desktop\JRT.exe
[2013.11.19 19:00:12 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
[2013.11.19 10:41:15 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.11.19 10:41:15 | 000,106,904 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.11.19 10:39:39 | 000,321,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\krajta5\Desktop\*.tmp files -> C:\Users\krajta5\Desktop\*.tmp -> ]
[1 C:\Users\krajta5\*.tmp files -> C:\Users\krajta5\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.25 19:29:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.24 22:07:37 | 152,405,424 | ---- | C] () -- C:\Users\krajta5\Desktop\555 620 379_2013-11-24 21.40.tvs
[2013.11.24 20:22:36 | 000,041,482 | ---- | C] () -- C:\Users\krajta5\Desktop\1462968_254710901349249_474135773_n.jpg
[2013.11.24 20:18:26 | 000,086,324 | ---- | C] () -- C:\Users\krajta5\Desktop\1465347_202761989910980_580711484_n.jpg
[2013.11.24 17:54:17 | 000,000,969 | ---- | C] () -- C:\Users\krajta5\Desktop\SpeedFan.lnk
[2013.11.24 15:09:51 | 000,038,673 | ---- | C] () -- C:\Users\krajta5\Desktop\Ctvrtek8h.pdf
[2013.11.24 15:07:38 | 000,073,383 | ---- | C] () -- C:\Users\krajta5\Desktop\StudiaStudenta_I13243.pdf
[2013.11.24 09:31:17 | 000,832,273 | ---- | C] () -- C:\Users\krajta5\Desktop\RSITx64.exe
[2013.11.20 21:09:06 | 000,553,712 | ---- | C] () -- C:\Users\krajta5\Desktop\ntb.png
[2013.11.20 20:56:31 | 000,001,309 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013.11.20 15:30:31 | 000,000,712 | ---- | C] () -- C:\Users\krajta5\Desktop\Assassin's Creed – zástupce.lnk
[2013.11.19 21:35:51 | 000,238,233 | ---- | C] () -- C:\Users\krajta5\Desktop\Autoskola Albert1 .jpg
[2013.11.19 21:33:04 | 019,440,593 | ---- | C] () -- C:\Users\krajta5\Desktop\Múzy dětem Výjezd č326 DD Semily III.flv
[2013.11.19 21:10:50 | 000,077,502 | ---- | C] () -- C:\Users\krajta5\Desktop\exkurze2.png
[2013.11.19 21:10:21 | 000,087,789 | ---- | C] () -- C:\Users\krajta5\Desktop\exkurze.png
[2013.11.19 20:39:12 | 001,085,542 | ---- | C] () -- C:\Users\krajta5\Desktop\AdwCleaner.exe
[2013.11.19 19:55:07 | 003,679,744 | ---- | C] () -- C:\Users\krajta5\Desktop\RogueKiller.exe
[2013.11.19 19:00:12 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
[2013.11.11 22:15:38 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013.11.11 21:43:34 | 000,000,659 | ---- | C] () -- C:\Windows\ufouni.ini
[2013.11.02 15:41:14 | 000,001,796 | ---- | C] () -- C:\Users\krajta5\AppData\Local\recently-used.xbel
[2013.10.26 14:27:39 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2013.10.10 09:47:39 | 000,001,040 | ---- | C] () -- C:\Users\krajta5\AppData\Local\SRDownloader.nast
[2013.09.25 14:06:26 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.07.03 16:07:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.07.03 16:07:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.07.03 16:07:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.07.03 16:07:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.07.03 16:07:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.14 15:07:17 | 000,103,288 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.12.14 01:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 01:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 01:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.11.27 23:15:16 | 000,060,899 | ---- | C] () -- C:\Users\krajta5\AppData\Local\1.save
[2012.11.27 23:15:16 | 000,002,063 | ---- | C] () -- C:\Users\krajta5\AppData\Local\2.save
[2012.11.27 23:15:16 | 000,000,009 | ---- | C] () -- C:\Users\krajta5\AppData\Local\2.save.metadata
[2012.11.27 23:15:16 | 000,000,009 | ---- | C] () -- C:\Users\krajta5\AppData\Local\1.save.metadata
[2012.06.30 14:18:27 | 000,000,005 | -H-- | C] () -- C:\Users\krajta5\.zs
[2012.03.10 10:54:04 | 003,862,147 | ---- | C] () -- C:\Users\krajta5\AppData\Roaming\minecraft.jar
[2012.02.29 20:21:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.11.29 17:17:14 | 001,643,790 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.28 20:39:51 | 000,025,600 | ---- | C] () -- C:\Users\krajta5\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.21 14:28:08 | 000,007,661 | ---- | C] () -- C:\Users\krajta5\AppData\Local\resmon.resmoncfg
[2011.08.17 21:42:44 | 000,045,270 | ---- | C] () -- C:\Users\krajta5\AppData\Roaming\room_v3.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.02.18 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ASUS WebStorage
[2013.02.18 21:03:43 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Nuance
[2013.02.18 20:31:03 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PC Suite
[2013.02.18 21:03:40 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Zeon
[2013.10.06 08:10:27 | 000,000,000 | ---D | M] -- C:\Users\Ivanka\AppData\Roaming\ASUS WebStorage
[2013.10.27 13:36:09 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\.minecraft
[2013.11.16 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Assassin's Creed III
[2011.08.17 21:03:59 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ASUS WebStorage
[2013.11.07 17:47:48 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Audacity
[2011.09.24 10:43:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\BITS
[2012.07.05 16:32:42 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Cool Record Edit Pro
[2011.08.18 20:52:44 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\DAEMON Tools Lite
[2013.02.07 20:15:54 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\DMCache
[2011.09.10 14:27:50 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\FlashGet
[2011.09.10 14:27:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\FlashGetBHO
[2012.08.24 20:40:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Galaxy on Fire 2 Full HD
[2013.03.29 12:40:23 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\GarenaPlus
[2011.08.17 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\GHISLER
[2011.09.17 18:26:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\gtk-2.0
[2012.06.30 14:53:10 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Import Audio from Video
[2012.03.05 17:32:24 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Internet Download Accelerator
[2012.11.20 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\IrfanView
[2013.09.03 22:58:57 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\jEdit
[2012.08.08 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\JLC's Software
[2012.02.09 20:51:45 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\LucasArts
[2012.10.02 18:51:56 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\MakeupGuide
[2013.09.03 23:22:20 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\NetBeans
[2013.10.29 12:05:10 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Nuance
[2012.11.28 20:47:36 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Orbit
[2012.11.27 22:16:46 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Origin
[2012.06.21 14:52:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PC Suite
[2013.06.23 22:20:18 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PhotoFiltre 7
[2011.08.20 14:15:02 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ProgSense
[2012.03.04 14:28:01 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Publish Providers
[2012.08.03 23:27:01 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PunkBuster
[2012.11.11 23:34:23 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Rovio
[2012.06.21 16:12:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Samsung
[2012.09.30 22:27:06 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\SoftGrid Client
[2012.03.04 14:27:58 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Sony
[2012.06.30 17:29:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Steinberg
[2013.11.16 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\TeamViewer
[2012.11.27 21:05:44 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Theta
[2012.03.20 15:29:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\thriXXX
[2011.11.29 17:17:49 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\TP
[2012.03.04 13:17:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ts3overlay
[2013.11.20 19:40:53 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Ubisoft
[2013.11.20 21:21:30 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\uTorrent
[2012.06.30 17:29:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\VST3 Presets
[2011.09.25 11:02:06 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Win7codecs
[2012.07.09 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Zeon

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.01 09:58:31 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.04.01 09:58:33 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.28 10:23:29 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\erdnt\cache64\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 20:20
od krajta5
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[19 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[10 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[10 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[16 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\temp\avg_a04432\ProgData\*.tmp files -> C:\Windows\temp\avg_a04432\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]
[1 C:\Windows\temp\avg_a07896\ProgData\*.tmp files -> C:\Windows\temp\avg_a07896\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]
[1 C:\Windows\temp\avg_a09116\ProgData\*.tmp files -> C:\Windows\temp\avg_a09116\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.10.27 13:36:09 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\.minecraft
[2013.09.25 18:06:36 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Adobe
[2012.12.09 23:27:16 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Apple Computer
[2012.08.09 22:01:41 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ArcSoft
[2013.11.16 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Assassin's Creed III
[2011.08.17 21:03:59 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ASUS WebStorage
[2013.11.07 17:47:48 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Audacity
[2013.11.02 11:55:46 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Avira
[2011.09.24 10:43:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\BITS
[2012.07.05 16:32:42 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Cool Record Edit Pro
[2011.08.18 20:52:44 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\DAEMON Tools Lite
[2013.03.10 14:30:18 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\DivX
[2013.02.07 20:15:54 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\DMCache
[2013.01.04 23:49:43 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\dvdcss
[2011.09.10 14:27:50 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\FlashGet
[2011.09.10 14:27:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\FlashGetBHO
[2013.10.29 12:05:13 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\FLEXnet
[2012.08.24 20:40:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Galaxy on Fire 2 Full HD
[2013.03.29 12:40:23 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\GarenaPlus
[2011.08.17 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\GHISLER
[2011.09.17 18:26:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\gtk-2.0
[2011.08.17 20:42:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Identities
[2012.06.30 14:53:10 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Import Audio from Video
[2011.10.14 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\InstallShield
[2011.08.17 20:41:50 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Intel
[2012.03.05 17:32:24 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Internet Download Accelerator
[2012.11.20 16:48:33 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\IrfanView
[2013.09.03 22:58:57 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\jEdit
[2012.08.08 11:40:35 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\JLC's Software
[2012.02.09 20:51:45 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\LucasArts
[2011.08.17 20:47:17 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Macromedia
[2012.10.02 18:51:56 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\MakeupGuide
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Media Center Programs
[2013.11.18 09:36:13 | 000,000,000 | --SD | M] -- C:\Users\krajta5\AppData\Roaming\Microsoft
[2011.11.15 15:25:10 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Mozilla
[2013.09.03 23:22:20 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\NetBeans
[2013.10.29 12:05:10 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Nuance
[2011.12.03 20:43:05 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\NVIDIA
[2012.11.28 20:47:36 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Orbit
[2012.11.27 22:16:46 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Origin
[2012.06.21 14:52:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PC Suite
[2013.06.23 22:20:18 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PhotoFiltre 7
[2011.08.20 14:15:02 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ProgSense
[2012.03.04 14:28:01 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Publish Providers
[2012.08.03 23:27:01 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\PunkBuster
[2012.09.30 19:24:42 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Real
[2012.11.11 23:34:23 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Rovio
[2012.06.21 16:12:47 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Samsung
[2012.01.27 20:17:01 | 000,000,000 | RH-D | M] -- C:\Users\krajta5\AppData\Roaming\SecuROM
[2013.11.10 21:50:07 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Skype
[2012.09.30 22:27:06 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\SoftGrid Client
[2012.03.04 14:27:58 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Sony
[2012.06.30 17:29:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Steinberg
[2013.11.16 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\TeamViewer
[2012.11.27 21:05:44 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Theta
[2012.03.20 15:29:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\thriXXX
[2011.11.29 17:17:49 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\TP
[2012.03.04 13:17:38 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\ts3overlay
[2013.11.20 19:40:53 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Ubisoft
[2013.11.20 21:21:30 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\uTorrent
[2013.07.05 22:13:59 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\vlc
[2013.11.19 19:37:04 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\VMware
[2012.06.30 17:29:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\VST3 Presets
[2011.09.25 11:02:06 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Win7codecs
[2011.08.17 16:35:14 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\WinRAR
[2012.04.05 09:41:12 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Xfire
[2012.07.09 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\krajta5\AppData\Roaming\Zeon

< %APPDATA%\*.exe /s >
[2013.11.16 15:55:43 | 001,028,460 | ---- | M] () -- C:\Users\krajta5\AppData\Roaming\Assassin's Creed III\Uninstall\unins000.exe
[2012.03.04 13:37:52 | 000,029,184 | R--- | M] () -- C:\Users\krajta5\AppData\Roaming\Microsoft\Installer\{106F886B-A874-43DF-BCC4-01DB57E1F3C6}\IconTmpl5.26D6FF13_F77C_402E_8E96_9E49DFBBAF31.exe
[2013.10.17 18:18:51 | 000,001,078 | R--- | M] () -- C:\Users\krajta5\AppData\Roaming\Microsoft\Installer\{B8DAA517-A144-4833-A7F5-0B3E861272F5}\_112D608FD02CD87FDC7735.exe
[2013.10.17 18:18:51 | 000,001,078 | R--- | M] () -- C:\Users\krajta5\AppData\Roaming\Microsoft\Installer\{B8DAA517-A144-4833-A7F5-0B3E861272F5}\_853F67D554F05449430E7E.exe
[2013.10.17 18:18:51 | 000,001,078 | R--- | M] () -- C:\Users\krajta5\AppData\Roaming\Microsoft\Installer\{B8DAA517-A144-4833-A7F5-0B3E861272F5}\_ECF9A2F035FB69EC132E28.exe
[2011.09.19 20:49:04 | 000,010,134 | R--- | M] () -- C:\Users\krajta5\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.09.30 19:30:01 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2013.06.16 21:02:13 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\temp\~Upg10\rnupgagent.exe
[2013.09.02 19:58:02 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\temp\~Upg11\rnupgagent.exe
[2012.12.24 16:16:59 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\temp\~Upg4\rnupgagent.exe
[2013.03.30 12:24:10 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2013.09.02 19:58:02 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe
[2013.09.02 22:59:05 | 000,775,344 | ---- | M] (RealNetworks, Inc.) -- C:\Users\krajta5\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\stub_exe\RealPlayer.exe
[2012.06.14 19:39:30 | 033,134,152 | ---- | M] (Rovio) -- C:\Users\krajta5\AppData\Roaming\Rovio\Angry Birds Space\updates\Update\AngryBirdsSpaceInstaller_1.2.0.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.11.25 19:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.11.25 19:12:57 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.25 19:32:41 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.24 17:54:16 | 000,000,045 | ---- | M] () -- C:\Windows\system32\initdebug.nfo
[2013.11.23 15:51:15 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Syncables" = C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe -- [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.11.24 20:33:49 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=077D59BA0FD4007E841B6C670862B065 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.10.12 08:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.10.09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) MD5=3E399A1328181C2A352472369DE2A93A -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.25 19:29:05 | 000,000,512 | ---- | M] () MD5=1ADC24914383B501AC1193C37206DEC8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2005.05.13 10:22:10 | 000,054,539 | ---- | M] () -- \games\meteor2\base\clips\50_02codecrack.gif
[2013.07.05 21:02:42 | 000,000,114 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\cracked.com.png
[2013.07.05 12:30:37 | 000,004,125 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\CrackedCom.class
[2012.11.16 19:19:55 | 016,372,576 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay_Cracked.exe
[2011.12.17 20:50:47 | 000,001,021 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked\Start Minecraft Beta Cracked.lnk
[2011.12.17 20:50:47 | 000,000,956 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked\Uninstall Minecraft Beta Cracked.lnk
[2012.03.10 10:58:10 | 000,000,996 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.03.10 10:58:10 | 000,000,956 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2012.11.23 23:48:20 | 000,003,049 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Assassins.Creed.3.Crack.Only.v2-P2P.torrent
[2013.11.20 21:10:58 | 000,000,853 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Assassins.Creed.IV.Black.Flag.Crack.Only-RELOADED.torrent
[2013.05.18 16:07:35 | 000,000,728 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Call of Duty Modern Warfare 2 PROPER-SKIDROW CRACK-AMW3-.torrent
[2013.05.17 18:49:16 | 000,004,255 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Call.of.Duty.Black.Ops.II.Crack.Fix-skidrowz.torrent
[2013.05.17 18:50:03 | 000,011,863 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Call.of.Duty.Black.Ops.II.CRACK.ONLY-SKIDROW.torrent
[2012.11.23 23:42:26 | 000,000,279 | ---- | M] () -- \Users\krajta5\AppData\Roaming\uTorrent\Crack_Assassins.Creed.III.Proper-RELOADED.torrent
[1 \Users\krajta5\Desktop\*.tmp files -> \Users\krajta5\Desktop\*.tmp -> ]
[2013.06.24 18:54:03 | 000,004,125 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\plugins\hoster\CrackedCom.class
[2009.03.08 15:59:14 | 000,163,840 | ---- | M] () -- \Users\krajta5\Music\hudba\GArena\plugins\UI\AvoidCrackPlugin.dll

< *keygen* /s >
[2010.04.28 17:14:54 | 000,000,372 | ---- | M] () -- \Program Files (x86)\Zend\Zend Studio - 7.2.0\keygen.bat
[2010.04.28 17:15:02 | 000,000,293 | ---- | M] () -- \Program Files (x86)\Zend\Zend Studio - 7.2.0\keygen.sh
[2010.01.21 12:28:12 | 000,516,702 | ---- | M] () -- \Program Files (x86)\Zend\Zend Studio - 7.2.0\zend_keygen.jar

< *loader* /s >
[2013.11.14 17:32:24 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\Chrome\CT2801948\content\tb\al\ac\img\ajax-loader.gif.vir
[2013.11.14 17:32:25 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\Chrome\CT2801948\content\tb\al\ac\img\loader-icon.png.vir
[2013.11.14 17:32:25 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\Extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\Chrome\CT2801948\content\tb\al\ui\gf\img\loader.gif.vir
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2010.09.17 09:32:50 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\utilGenericLoader.dll
[2010.09.17 09:52:24 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\utilGenericLoader.dll
[2010.09.17 09:33:08 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\utilGenericLoader.dll
[2010.09.17 09:52:28 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\32bit\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\64bit\utilGenericLoader.dll
[2010.09.30 17:56:42 | 000,003,671 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DA-DK\loader.html
[2010.09.30 17:56:44 | 000,003,709 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DE-DE\loader.html
[2010.09.30 17:56:42 | 000,003,664 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\EN-US\loader.html
[2010.09.30 17:56:44 | 000,003,657 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ES-ES\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-CA\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-FR\loader.html
[2010.09.30 17:56:46 | 000,003,692 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\IT-IT\loader.html
[2010.09.30 17:56:48 | 000,003,730 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\JA-JP\loader.html
[2010.09.30 17:56:48 | 000,003,711 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\KO-KR\loader.html
[2010.09.30 17:56:50 | 000,003,677 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NB-NO\loader.html
[2010.09.30 17:56:50 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NL-NL\loader.html
[2010.09.30 17:56:50 | 000,003,679 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\PT-BR\loader.html
[2010.09.30 17:56:52 | 000,003,762 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\RU-RU\loader.html
[2010.09.30 17:56:52 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\SV-SE\loader.html
[2010.09.30 17:56:52 | 000,003,682 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\TR-TR\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-CN\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-TW\loader.html
[2010.09.17 09:32:56 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1725v0.0.0l1p1r1o1\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\utilGenericLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.18\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.11.14 12:58:30 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\331.82\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2010.09.01 09:49:08 | 000,014,666 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\panel\assets\images\uploader_photo.png
[2010.09.14 08:15:20 | 000,000,946 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\panel\assets\images\uploader_title.png
[2013.11.19 10:40:33 | 000,053,304 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2013.11.19 10:40:34 | 000,564,792 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2013.11.19 10:40:36 | 001,741,880 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[4 \Program Files (x86)\Avira\AntiVir Desktop\*.tmp files -> \Program Files (x86)\Avira\AntiVir Desktop\*.tmp -> ]
[2013.10.10 22:47:48 | 000,919,440 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2013.10.10 22:47:48 | 000,919,440 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2012.11.28 14:13:38 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.09.15 13:34:08 | 000,059,720 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2013.09.15 13:34:08 | 001,108,296 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2013.09.14 00:50:46 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\WebKit.resources\inspector\HeapSnapshotLoader.js
[2000.11.28 07:09:52 | 000,045,056 | ---- | M] () -- \Program Files (x86)\Common Files\GraphBoard 2.50\InternetLoader.dll
[2012.07.26 18:08:06 | 000,102,864 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2012.07.26 12:20:02 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.12.06 22:38:40 | 000,268,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 22:38:40 | 000,019,000 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.11.21 13:13:34 | 000,033,941 | ---- | M] () -- \Program Files (x86)\Dia\bin\gdk-pixbuf-query-loaders.exe
[2013.10.09 19:57:07 | 000,003,910 | ---- | M] () -- \Program Files (x86)\Dia\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.09.03 00:56:40 | 000,030,804 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.09.03 00:56:36 | 000,027,898 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.09.03 00:56:38 | 000,042,058 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.09.03 00:56:50 | 000,023,145 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.09.03 00:56:38 | 000,028,692 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.09.03 00:56:42 | 000,034,496 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.09.03 00:56:50 | 000,022,435 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.09.03 00:56:34 | 000,036,528 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.09.03 00:56:42 | 000,026,252 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.09.03 00:56:44 | 000,020,063 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.09.03 00:56:48 | 000,024,412 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.09.03 00:56:44 | 000,029,401 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.09.03 00:56:36 | 000,019,399 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.09.03 00:56:48 | 000,025,270 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.09.03 00:56:46 | 000,042,114 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.07.30 14:56:00 | 000,017,983 | ---- | M] () -- \Program Files (x86)\Dia\lib\gdk-pixbuf-2.0\2.10.0\loaders\svg_loader.dll
[2012.10.16 10:31:16 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10072\BTalkLoader.exe
[2012.11.02 23:35:15 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10075\BTalkLoader.exe
[2012.11.02 23:35:26 | 000,081,272 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\update\temp\restore\10076\BTalkLoader.exe
[2012.05.22 08:43:16 | 000,214,528 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.exe
[2012.05.22 08:43:16 | 000,593,293 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloader.jar
[2012.05.22 08:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderBETA.exe
[2012.05.22 08:43:16 | 000,218,816 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderD3D.exe
[2012.05.22 08:43:16 | 000,219,264 | ---- | M] () -- \Program Files (x86)\JDownloader\JDownloaderPortable.exe
[2013.10.28 20:13:46 | 000,000,101 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\exclusiveloader.com.png
[2013.07.05 21:05:53 | 000,000,102 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\omploader.org.png
[2013.07.05 20:55:25 | 000,000,104 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.jp.png
[2013.07.05 12:21:59 | 000,000,105 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.07.05 12:26:43 | 000,011,071 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.07.05 12:26:14 | 000,004,584 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.07.05 12:24:42 | 000,003,880 | ---- | M] () -- \Program Files (x86)\JDownloader\jd\plugins\hoster\UploaderJp.class
[2012.05.22 08:43:16 | 000,032,222 | ---- | M] () -- \Program Files (x86)\JDownloader\licenses\jdownloader.license
[2013.08.31 11:54:48 | 000,015,906 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\JARClassLoader.html
[2013.08.31 11:54:50 | 000,015,965 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\BshClassLoader.html
[2013.08.31 11:54:50 | 000,012,196 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.ClassSourceMap.html
[2013.08.31 11:54:50 | 000,015,274 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\DiscreteFilesClassLoader.html
[2013.08.31 11:54:50 | 000,006,537 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\BshClassLoader.html
[2013.08.31 11:54:50 | 000,007,237 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.ClassSourceMap.html
[2013.08.31 11:54:50 | 000,004,562 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\bsh\classpath\class-use\DiscreteFilesClassLoader.html
[2013.08.31 11:54:51 | 000,006,192 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\doc\api\org\gjt\sp\jedit\class-use\JARClassLoader.html
[2013.08.31 11:54:46 | 000,003,468 | ---- | M] () -- \Program Files (x86)\jEdit 5.1.0\modes\sql-loader.xml
[2010.08.27 18:43:08 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Mafia II\pc\PhysXLoader.dll
[2012.06.07 13:43:34 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Packages\jquery.mobile.1.1.0.1\content\Content\images\ajax-loader.gif
[2012.06.07 13:43:34 | 000,000,340 | ---- | M] () -- \Program Files (x86)\Microsoft ASP.NET\ASP.NET MVC 4\Packages\jquery.mobile.1.1.0.1\content\Content\images\ajax-loader.png
[2012.07.26 18:08:06 | 000,102,864 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\coloader80.dll
[2012.07.26 13:30:52 | 000,001,373 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\coloader80.dll.manifest
[2012.07.26 12:20:02 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\coloader80.tlb
[2012.07.26 18:41:24 | 000,375,936 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\Extensions\Microsoft\Architecture Tools\Repository\Microsoft.VisualStudio.Repository.Code.Native.Loader.dll
[2012.07.26 18:41:24 | 001,408,624 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\Extensions\Microsoft\Architecture Tools\Repository\Microsoft.VisualStudio.Repository.Runtime.Loader.dll
[2012.07.26 18:08:06 | 000,036,320 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\Extensions\Microsoft\ConcurrencyVisualizer\PdbDownloader.exe
[2012.07.26 18:08:06 | 000,039,008 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.LightSwitch.CommandLineBuildLoader.dll
[2012.07.26 18:08:06 | 000,042,040 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.LightSwitch.Design.Loader.dll
[2012.07.26 18:08:06 | 000,024,760 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\ReferenceAssemblies\v2.0\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.dll
[2012.03.15 19:40:38 | 000,001,659 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\VC\atlmfc\include\afxribboninfoloader.h
[2012.03.15 19:40:40 | 000,004,545 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 11.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2012.07.10 13:38:22 | 000,015,472 | ---- | M] () -- \Program Files (x86)\Microsoft Web Tools\Page Inspector\Microsoft.VisualStudio.Web.PageInspector.Loader.dll
[2013.11.14 12:58:30 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.07.25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 03:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2009.06.26 09:11:26 | 000,208,896 | ---- | M] () -- \Program Files (x86)\Samsung\Samsung PC Studio 7\Symbian_Downloader_DLL.dll
[2011.08.31 18:24:50 | 000,064,280 | ---- | M] () -- \Program Files (x86)\Toxic Games\QUBE\Binaries\Win32\PhysXLoader.dll
[2012.11.27 23:08:10 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.11.27 23:08:11 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2012.07.25 12:12:10 | 000,013,831 | ---- | M] () -- \Program Files (x86)\Windows Kits\8.0\Include\um\libloaderapi.h
[2012.07.25 17:46:28 | 000,211,456 | ---- | M] () -- \Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Te.Loaders.dll
[2012.07.25 17:46:28 | 000,211,456 | ---- | M] () -- \Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\x64\Te.Loaders.dll
[2012.12.06 22:38:40 | 000,364,088 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 22:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.09.03 23:13:34 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.09.03 23:13:39 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.09.03 23:13:42 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.09.03 23:13:42 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.09.03 23:13:42 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.09.03 23:13:42 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_25\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2013.06.05 20:38:10 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.06.05 20:38:10 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\config\Modules\org-openide-loaders.xml
[2013.09.03 23:16:33 | 001,403,678 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\modules\org-openide-loaders.jar
[2013.09.03 23:16:31 | 000,007,024 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\modules\locale\org-openide-loaders_ja.jar
[2013.09.03 23:16:29 | 000,006,445 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2013.09.03 23:16:31 | 000,007,546 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\modules\locale\org-openide-loaders_ru.jar
[2013.09.03 23:16:29 | 000,006,645 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.09.03 23:17:48 | 000,000,799 | ---- | M] () -- \Program Files\NetBeans 7.3.1\platform\update_tracking\org-openide-loaders.xml
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{7D88730F-AFFA-46F0-A347-93B899BC8B98}\ExtensionLoader.dll
[2013.11.14 12:58:30 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{8D055F3E-EDE1-46C0-9ECB-6CF10229AF04}\ExtensionLoader.dll
[2010.09.17 09:52:28 | 000,030,864 | ---- | M] () -- \Program Files\Trend Micro\AMSP\utilGenericLoader.dll
[2010.09.30 17:56:42 | 000,003,671 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DA-DK\loader.html
[2010.09.30 17:56:44 | 000,003,709 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DE-DE\loader.html
[2010.09.30 17:56:42 | 000,003,664 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\EN-US\loader.html
[2010.09.30 17:56:44 | 000,003,657 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ES-ES\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-CA\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-FR\loader.html
[2010.09.30 17:56:46 | 000,003,692 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\IT-IT\loader.html
[2010.09.30 17:56:48 | 000,003,730 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\JA-JP\loader.html
[2010.09.30 17:56:48 | 000,003,711 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\KO-KR\loader.html
[2010.09.30 17:56:50 | 000,003,677 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NB-NO\loader.html
[2010.09.30 17:56:50 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NL-NL\loader.html
[2010.09.30 17:56:50 | 000,003,679 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\PT-BR\loader.html
[2010.09.30 17:56:52 | 000,003,762 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\RU-RU\loader.html
[2010.09.30 17:56:52 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\SV-SE\loader.html
[2010.09.30 17:56:52 | 000,003,682 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\TR-TR\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-CN\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-TW\loader.html
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UI\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UI\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2010.09.17 09:32:56 | 000,024,160 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \Program Files\Trend Micro\Titanium\www\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \Program Files\Trend Micro\Titanium\www\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2011.05.28 21:04:04 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.08.11 15:55:13 | 000,014,515 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12060\FileLoader.dll
[2012.08.11 15:57:07 | 000,867,779 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12060\ggdownloader.dll
[2013.09.02 20:15:34 | 000,020,929 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12154\FileLoader.dll
[2013.01.30 19:21:37 | 000,945,655 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12154\ggdownloader.dll
[2013.01.30 19:16:12 | 000,027,494 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12154\bbtalk\BTalkLoader.exe
[2013.07.05 12:20:43 | 000,001,907 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.07.05 12:20:43 | 000,001,886 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.07.05 12:20:43 | 000,001,963 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.05.29 22:39:19 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.05.29 22:39:20 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.08.11 15:55:13 | 000,014,515 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12060\FileLoader.dll
[2012.08.11 15:57:07 | 000,867,779 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12060\ggdownloader.dll
[2013.09.02 20:15:34 | 000,020,929 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12154\FileLoader.dll
[2013.01.30 19:21:37 | 000,945,655 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12154\ggdownloader.dll
[2013.01.30 19:16:12 | 000,027,494 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12154\bbtalk\BTalkLoader.exe
[2013.07.05 12:20:43 | 000,001,907 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.07.05 12:20:43 | 000,001,886 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.07.05 12:20:43 | 000,001,963 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.05.29 22:39:19 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.05.29 22:39:20 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.10.10 09:47:39 | 000,001,040 | ---- | M] () -- \Users\krajta5\AppData\Local\SRDownloader.nast
[2013.10.21 19:36:53 | 000,004,178 | ---- | M] () -- \Users\krajta5\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.1.12_0\content\icons\loader.gif
[2013.02.01 22:30:21 | 000,003,072 | ---- | M] () -- \Users\krajta5\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_downloader.bestvideodownloader.com_0.localstorage
[2013.02.01 22:30:21 | 000,003,608 | ---- | M] () -- \Users\krajta5\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_downloader.bestvideodownloader.com_0.localstorage-journal
[2011.09.25 11:09:18 | 000,000,723 | ---- | M] () -- \Users\krajta5\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_11808\CRX_INSTALL\img\ajax-loader.gif
[2011.09.25 11:09:18 | 000,001,722 | ---- | M] () -- \Users\krajta5\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_11808\CRX_INSTALL\js\FMLoader.js
[2013.07.05 14:22:32 | 002,054,329 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\JDownloader.jar
[2013.07.05 13:31:50 | 000,414,848 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\JDownloader2.exe
[2013.07.05 13:31:50 | 000,000,248 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\JDownloader2.vmoptions
[2013.07.05 13:31:50 | 000,255,616 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\JDownloader2Update.exe
[2013.07.05 13:31:50 | 000,000,248 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\JDownloader2Update.vmoptions
[2013.07.05 13:31:50 | 000,414,848 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe
[2013.07.05 14:56:15 | 000,000,117 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.api.myjdownloader.MyJDownloaderSettings.json
[2013.07.05 14:27:49 | 000,000,109 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.api.RemoteAPIConfig.json
[2013.07.05 14:56:15 | 000,000,025 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.captcha.v2.solver.Captcha9kwSettings.json
[2013.07.05 14:56:15 | 000,000,025 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.captcha.v2.solver.CaptchaBrotherHoodSettings.json
[2013.07.05 14:56:15 | 000,000,025 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.captcha.v2.solver.CaptchaResolutorCaptchaSettings.json
[2013.08.08 18:51:36 | 000,001,270 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.controlling.filter.LinkFilterSettings.filterlist.json
[2013.07.05 14:27:49 | 000,000,428 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.controlling.filter.LinkFilterSettings.json
[2013.07.05 14:56:15 | 000,000,034 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.controlling.packagizer.PackagizerSettings.json
[2013.08.08 18:51:36 | 000,003,168 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.controlling.packagizer.PackagizerSettings.rulelist.json
[2013.08.08 18:51:36 | 000,000,108 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.extensions.antistandby.AntiStandbyExtension.json
[2013.07.05 14:27:49 | 000,000,104 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.extensions.chat.ChatExtension.json
[2013.07.05 14:56:15 | 000,000,186 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.extensions.extraction.ExtractionExtension.json
[2013.07.05 14:27:49 | 000,000,084 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.extensions.shutdown.ShutdownExtension.json
[2013.07.05 14:27:49 | 000,000,224 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.extensions.translator.TranslatorExtension.ejs
[2013.08.08 18:51:36 | 000,000,336 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.gui.jdtrayicon.TrayExtension.json
[2013.07.05 14:54:41 | 000,000,143 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.gui.views.linkgrabber.addlinksdialog.LinkgrabberSettings.downloaddestinationhistory.json
[2013.07.05 14:56:15 | 000,000,509 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.gui.views.linkgrabber.addlinksdialog.LinkgrabberSettings.json
[2013.07.05 14:54:32 | 000,000,003 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.gui.views.linkgrabber.addlinksdialog.LinkgrabberSettings.packagenamehistory.json
[2013.07.05 14:27:49 | 000,000,024 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.jdserv.stats.StatsManagerConfig.json
[2013.08.08 18:51:36 | 000,000,016 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.AccountSettings.accounts.ejs
[2013.07.05 14:26:01 | 000,000,055 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.GeneralSettings.browsercommandline.json
[2013.08.08 18:51:36 | 000,001,103 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.GeneralSettings.json
[2013.08.08 18:51:36 | 000,002,002 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.GraphicalUserInterfaceSettings.json
[2013.08.08 18:51:36 | 000,000,244 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.GraphicalUserInterfaceSettings.lastframestatus.json
[2013.08.08 18:51:36 | 000,000,003 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.InternetConnectionSettings.customproxylist.json
[2013.08.08 18:51:36 | 000,000,003 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.InternetConnectionSettings.directgatewaylist.json
[2013.07.05 14:27:49 | 000,000,124 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.InternetConnectionSettings.json
[2013.07.05 14:56:15 | 000,000,270 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.SilentModeSettings.json
[2013.07.05 14:56:15 | 000,000,067 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.settings.SoundSettings.json
[2013.07.05 14:27:49 | 000,000,033 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.update.lastchance.LastChanceConfig.json
[2013.07.05 14:27:49 | 000,000,066 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.updatev2.InternetConnectionSettings.json
[2013.08.08 18:51:36 | 000,000,615 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\org.jdownloader.updatev2.UpdateSettings.json
[2013.07.05 14:27:41 | 000,000,004 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\menus\org.jdownloader.gui.jdtrayicon.TrayIconMenuManager.menu.json
[2013.07.05 14:26:03 | 000,000,004 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\menus\org.jdownloader.gui.mainmenu.MainMenuManager.menu.json
[2013.07.05 14:26:03 | 000,000,004 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\menus\org.jdownloader.gui.toolbar.MainToolbarManager.menu.json
[2013.07.05 14:26:08 | 000,000,004 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\menus\org.jdownloader.gui.views.downloads.contextmenumanager.DownloadListContextMenuManager.menu.json
[2013.07.05 14:26:08 | 000,000,004 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\cfg\menus\org.jdownloader.gui.views.linkgrabber.contextmenu.LinkgrabberContextMenuManager.menu.json
[2013.08.08 18:49:31 | 002,161,632 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\JDownloader.jar
[2013.08.08 18:49:38 | 000,000,003 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\cfg\org.jdownloader.settings.InternetConnectionSettings.customproxylist.json
[2013.08.08 18:49:38 | 000,000,003 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\cfg\org.jdownloader.settings.InternetConnectionSettings.directgatewaylist.json
[2013.08.08 18:49:38 | 000,000,124 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\cfg\org.jdownloader.settings.InternetConnectionSettings.json
[2013.08.08 18:49:42 | 000,000,025 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\cfg\org.jdownloader.update.lastchance.LastChanceConfig.json
[2013.08.08 18:49:51 | 000,000,529 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\cfg\org.jdownloader.updatev2.UpdateSettings.json
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\JDownloader.log.0
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\JDownloader.log.0.lck
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.gui.LAFManager.log.0
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.gui.LAFManager.log.0.lck
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.launcher.SecondLevelLauncher.log.0
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.launcher.SecondLevelLauncher.log.0.lck
[2013.08.08 18:49:41 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.launcher.SelfTest.log.0
[2013.08.08 18:49:41 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.launcher.SelfTest.log.0.lck
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.UpdateManager.log.0
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.update.UpdateManager.log.0.lck
[2013.08.08 18:49:57 | 000,000,228 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.updatev2.restart.WindowsRestarter.log.0
[2013.08.08 18:49:40 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Local\JDownloader v2.0\tmp\update\self\JDU\logs\1375984180047_19.49\org.jdownloader.updatev2.restart.WindowsRestarter.log.0.lck
[2013.11.07 22:15:43 | 000,110,642 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UQK21J6\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2013.10.03 16:44:17 | 000,109,505 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UQK21J6\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013.11.07 22:15:43 | 000,001,537 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UQK21J6\AdLoader[2].htm
[2013.09.25 18:00:05 | 000,000,723 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UQK21J6\downloaderror[1].js
[2013.07.05 12:53:39 | 000,019,497 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UQK21J6\loader[1].gif
[2013.08.09 19:12:35 | 000,000,723 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36EFD15W\downloaderror[1].js
[2013.08.09 19:12:35 | 000,001,174 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36EFD15W\downloader[1].js
[2013.09.25 18:00:05 | 000,001,174 | ---- | M] () -- \Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36EFD15W\downloader[2].js
[2013.10.23 20:51:09 | 000,919,440 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\3F9F.tmp\vpndownloader.exe
[2013.07.05 12:17:48 | 000,006,494 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a03688\ProgData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12\modules\skin\ajax-loader.gif
[2013.07.05 12:17:48 | 000,000,729 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a03688\ProgData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12\modules\skin\loader.gif
[2013.07.05 12:17:48 | 000,019,497 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a03688\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.07.05 12:18:11 | 000,006,494 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a05492\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.3.0.11\modules\skin\ajax-loader.gif
[2013.07.05 12:18:11 | 000,000,729 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a05492\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.3.0.11\modules\skin\loader.gif
[2013.07.05 12:18:11 | 000,019,497 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\avg_a05492\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.05.22 11:33:34 | 025,101,952 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\is1070216317\JDownloaderSetup_IC.exe
[2012.08.29 11:06:34 | 000,022,379 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\ish77514712\images\loader.gif
[2012.08.29 11:06:34 | 000,022,379 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\ish77518893\images\loader.gif
[2013.04.30 12:25:22 | 000,010,819 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\ish84917631\images\Loader.gif
[2013.10.02 19:48:55 | 000,019,497 | ---- | M] () -- \Users\krajta5\AppData\Local\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.09.14 22:58:43 | 000,039,905 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\krajta5s iPad\iDownloaderLite_2013-08-21-144614_krajta5s-iPad.crash
[2013.09.28 07:10:03 | 000,043,808 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\krajta5s iPad\iDownloaderLite_2013-09-27-214806_krajta5s-iPad.crash
[2013.09.28 07:10:03 | 000,043,749 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\krajta5s iPad\iDownloaderLite_2013-09-27-215835_krajta5s-iPad.crash
[2013.09.28 07:10:03 | 000,041,650 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\krajta5s iPad\iDownloaderLite_2013-09-27-225236_krajta5s-iPad.crash
[2013.09.28 07:10:03 | 000,044,022 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Apple Computer\Logs\CrashReporter\MobileDevice\krajta5s iPad\iDownloaderLite_2013-09-28-075748_krajta5s-iPad.crash
[2013.08.09 19:15:47 | 000,000,000 | ---- | M] () -- \Users\krajta5\AppData\Roaming\ASUS WebStorage\Logs\AWS-Uninstall JDownloader.txt
[2013.07.05 14:24:24 | 000,002,096 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader 2.lnk
[2013.07.05 12:21:03 | 000,001,963 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.07.05 14:24:23 | 000,002,111 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Uninstaller.lnk
[2013.07.05 14:24:23 | 000,002,090 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2 Update & Rescue.lnk
[2013.07.05 14:24:23 | 000,002,096 | ---- | M] () -- \Users\krajta5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader 2.lnk
[2013.07.05 14:24:25 | 000,002,096 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader 2.lnk
[2013.07.05 12:21:05 | 000,001,999 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader.lnk
[1 \Users\krajta5\Desktop\*.tmp files -> \Users\krajta5\Desktop\*.tmp -> ]
[2013.11.20 21:12:55 | 000,064,000 | ---- | M] () -- \Users\krajta5\Desktop\Assassins.Creed.IV.Black.Flag.Crack.Only-RELOADED\Crack\uplay_r1_loader.dll
[2011.03.07 11:12:48 | 000,214,528 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\JDownloader.exe
[2011.03.07 11:12:48 | 000,593,293 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\JDownloader.jar
[2010.12.15 12:59:32 | 000,218,816 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\JDownloaderBETA.exe
[2010.12.15 12:59:32 | 000,218,816 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\JDownloaderD3D.exe
[2013.06.24 18:47:34 | 000,000,105 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.06.24 18:51:26 | 000,011,071 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.06.24 18:51:05 | 000,004,584 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.24 18:50:03 | 000,003,880 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\plugins\hoster\UploaderJp.class
[2013.06.24 18:50:08 | 000,007,073 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.03.07 11:14:46 | 000,032,222 | ---- | M] () -- \Users\krajta5\Desktop\JDownloader\licenses\jdownloader.license
[2012.04.05 17:28:25 | 000,000,540 | ---- | M] () -- \Users\krajta5\Documents\Minecraft 1.2.5\.minecraft\ModLoader.txt
[2012.04.05 16:50:09 | 000,000,540 | ---- | M] () -- \Users\krajta5\Documents\Minecraft 1.2.5\.minecraft\ModLoader.txt.1
[2012.04.05 17:23:43 | 000,000,120 | ---- | M] () -- \Users\krajta5\Documents\Minecraft 1.2.5\.minecraft\config\ModLoader.cfg
[2013.09.19 00:13:38 | 015,669,334 | ---- | M] () -- \Users\krajta5\Music\iTunes\iTunes Media\Mobile Applications\iDownloader 1.2.ipa
[2012.06.04 19:24:29 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.09.15 23:37:35 | 000,024,760 | ---- | M] () -- \Windows\assembly\GAC_32\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader\11.0.0.0__b03f5f7f11d50a3a\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.dll
[2013.09.15 23:37:35 | 000,023,224 | ---- | M] () -- \Windows\assembly\GAC_64\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader\11.0.0.0__b03f5f7f11d50a3a\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.dll
[2013.09.19 21:06:17 | 000,020,480 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Tde5bef3b#\17a37d344ad2cd6d94d21d131fdf6f11\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.ni.dll
[2013.09.19 21:06:17 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Tde5bef3b#\17a37d344ad2cd6d94d21d131fdf6f11\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.ni.dll.aux
[2013.09.19 21:08:15 | 000,577,536 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V09707a24#\f042600e2e0cbfba940b508f432e82b4\Microsoft.VisualStudio.Repository.Code.Native.Loader.ni.dll
[2013.09.19 21:08:15 | 000,001,324 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V09707a24#\f042600e2e0cbfba940b508f432e82b4\Microsoft.VisualStudio.Repository.Code.Native.Loader.ni.dll.aux
[2013.09.19 21:08:16 | 002,495,488 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbd7eeb5a#\2dfb9f034f9158bd16070d4a95ec76ff\Microsoft.VisualStudio.Repository.Runtime.Loader.ni.dll
[2013.09.19 21:08:16 | 000,001,708 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbd7eeb5a#\2dfb9f034f9158bd16070d4a95ec76ff\Microsoft.VisualStudio.Repository.Runtime.Loader.ni.dll.aux
[2013.09.19 21:18:35 | 000,027,136 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Tde5bef3b#\018b1519e670630d99b510f0a6329e0d\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.ni.dll
[2013.09.19 21:18:35 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Tde5bef3b#\018b1519e670630d99b510f0a6329e0d\Microsoft.TeamFoundation.WorkItemTracking.Client.DataStoreLoader.ni.dll.aux
[2008.07.30 09:06:58 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2008.07.29 02:43:16 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7097808D552E14A34AD60D7F8907C917\9.0.30729\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.09.15 23:48:15 | 000,375,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Repository.Code.Native.Loader\v4.0_11.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Repository.Code.Native.Loader.dll
[2013.09.15 23:48:15 | 001,408,624 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Repository.Runtime.Loader\v4.0_11.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Repository.Runtime.Loader.dll
[2013.09.15 23:54:11 | 000,015,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualStudio.Web.PageInspector.Loader\v4.0_1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Web.PageInspector.Loader.dll
[2013.11.25 19:43:23 | 000,059,704 | ---- | M] () -- \Windows\Prefetch\VPNDOWNLOADER.EXE-CE416BDB.pf
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \Windows\SysWOW64\INLOADER.DLL
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2013.08.23 17:49:01 | 000,006,494 | ---- | M] () -- \Windows\temp\avg_a04432\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.5.0.2\modules\skin\ajax-loader.gif
[2013.08.23 17:49:01 | 000,000,729 | ---- | M] () -- \Windows\temp\avg_a04432\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.5.0.2\modules\skin\loader.gif
[2013.08.23 17:49:01 | 000,019,497 | ---- | M] () -- \Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.10.02 19:48:55 | 000,006,494 | ---- | M] () -- \Windows\temp\avg_a07896\ProgData\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12\modules\skin\ajax-loader.gif
[2013.10.02 19:48:55 | 000,000,729 | ---- | M] () -- \Windows\temp\avg_a07896\ProgData\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12\modules\skin\loader.gif
[2013.10.02 19:48:55 | 000,004,178 | ---- | M] () -- \Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\Chrome\content\icons\loader.gif
[2013.10.02 19:48:55 | 000,019,497 | ---- | M] () -- \Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.08.04 09:53:06 | 000,006,494 | ---- | M] () -- \Windows\temp\avg_a09116\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5\modules\skin\ajax-loader.gif
[2013.08.04 09:53:07 | 000,000,729 | ---- | M] () -- \Windows\temp\avg_a09116\ProgData\AVG SafeGuard toolbar\FireFoxExt\15.4.0.5\modules\skin\loader.gif
[2013.08.04 09:53:07 | 000,019,497 | ---- | M] () -- \Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.08.31 11:33:33 | 000,135,980 | ---- | M] () -- \Windows\temp\avnwldrtemp\networkloader.log
[2013.08.31 11:28:46 | 000,050,232 | ---- | M] () -- \Windows\temp\avnwldrtemp\setup\avwebloader.dll
[2013.08.31 11:28:47 | 000,231,480 | ---- | M] () -- \Windows\temp\avnwldrtemp\setup\avwebloader.exe
[2013.08.31 11:28:58 | 001,711,672 | ---- | M] () -- \Windows\temp\avnwldrtemp\setup\avwebloadergui.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.02.19 06:35:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.02.19 06:35:43 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.02.19 06:35:43 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.02.19 06:35:43 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.02.19 06:35:43 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.04 19:25:41 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.04 19:25:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.04 19:25:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.04 19:25:41 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.04 19:25:41 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.02.19 06:33:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 15:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

Re: prosím o kontrolu logu

Napsal: 25 lis 2013 22:23
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.5
[2013.07.05 12:24:06 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com
CHR - homepage: http://www.ask.com/?l=dis&o=14672cr
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O2 - BHO: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
SRV - [2013.10.23 19:43:27 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
O4 - HKU\S-1-5-21-998483296-4234481553-3123803521-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - Winlogon\Notify\ddCUkHAP: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\gEwTjIby: DllName - (gEwTjIby.dll) - File not found
O20 - Winlogon\Notify\hGvUNeCV: DllName - (hGvUNeCV.dll) - File not found
O20 - Winlogon\Notify\iifcCTMg: DllName - (iifcCTMg.dll) - File not found
O20 - Winlogon\Notify\vtUnkHxx: DllName - (vtUnkHxx.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.11.19 19:55:00 | 000,406,264 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\krajta5\Desktop\sc-cleaner.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[19 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[10 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[10 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[16 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\temp\avg_a04432\ProgData\*.tmp files -> C:\Windows\temp\avg_a04432\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]
[1 C:\Windows\temp\avg_a07896\ProgData\*.tmp files -> C:\Windows\temp\avg_a07896\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]
[1 C:\Windows\temp\avg_a09116\ProgData\*.tmp files -> C:\Windows\temp\avg_a09116\ProgData\*.tmp -> ]
[1 C:\Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\*.tmp files -> C:\Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\*.tmp -> ]
[2013.11.25 19:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.11.25 19:12:57 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.25 19:32:41 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"GarenaPlus"=-
"HiDownload"=-
"S60 PC Suite Tray"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=-
"UpdateLBPShortCut"=-
"UpdateP2GoShortCut"=-
"TkBellExe"=-
"DivXMediaServer"=-
"DivXUpdate"=-
"QuickTime Task"=-
"iTunesHelper"=-
"vProt"=-

:files
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files (x86)\AVG SafeGuard toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: prosím o kontrolu logu

Napsal: 26 lis 2013 11:59
od krajta5
All processes killed
========== OTL ==========
Service Amsp stopped successfully!
Service Amsp deleted successfully!
File C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: WebSiteRecommendation%40weliketheweb.com:1.0.5 removed from extensions.enabledAddons
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin\classic folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale\en-US folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\content folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome folder moved successfully.
C:\Users\krajta5\AppData\Roaming\Mozilla\Firefox\Profiles\dkhqnoho.default\extensions\WebSiteRecommendation@weliketheweb.com folder moved successfully.
Use Chrome's Settings page to change the HomePage.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
File V7\Passport_x64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Service APNMCP stopped successfully!
Service APNMCP deleted successfully!
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-998483296-4234481553-3123803521-1007\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddCUkHAP\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gEwTjIby\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hGvUNeCV\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifcCTMg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtUnkHxx\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\krajta5\Desktop\sc-cleaner.exe moved successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65F3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB4BF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB998.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC0C5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD10E.tmp\WindowsLive.Writer.BlogClient.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD10E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE217.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE85E.tmp\System.Data.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE85E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF7A6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1094.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1CE2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP23C6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP24A3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP29FD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2BFF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2C0B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2E02.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3699.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5A61.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP675A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7143.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7A46.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP85C3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP961D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB912.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE6D7.tmp folder deleted successfully.
C:\Windows\Installer\MSI1731.tmp deleted successfully.
C:\Windows\Installer\MSI9E6E.tmp deleted successfully.
C:\Windows\Installer\MSI9F0B.tmp deleted successfully.
C:\Windows\Installer\MSID513.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\9af26be0801a3975d7d883ef22715973\$dpx$.tmp folder deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\sho44A5.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\shoAB5B.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico1BEF.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico4B2C.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico758D.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico9878.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico9880.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoB4B2.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoB816.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoC419.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoD808.tmp deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoFE6B.tmp deleted successfully.
C:\Windows\temp\CR_5D9A3.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\temp\CR_5D9A3.tmp folder deleted successfully.
C:\Windows\temp\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en\Windows6.2-KB2764916-x86-pkgProperties.txt deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en\Windows6.2-KB2764916-x86.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en\Windows6.2-KB2764916-x86.xml deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en\WSUSSCAN.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en folder deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\ieinfra.manifest deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\ienrcore.exe deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\iexplore.exe deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7600.16385.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7600.16385.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.16562.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.16562.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17077.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17077.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17105.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17105.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17514.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~amd64~~8.0.7601.17514.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7600.16385.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7600.16385.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.16562.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.16562.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17077.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17077.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17105.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17105.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17514.cat deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\Microsoft-Windows-InternetExplorer-Optional-Package~31bf3856ad364e35~x86~~8.0.7601.17514.mum deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\NrPolicy.txt deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support\trustedinstaller.exe.manifest deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support folder deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en\Windows6.2-KB2764913-x86-pkgProperties.txt deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en\Windows6.2-KB2764913-x86.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en\Windows6.2-KB2764913-x86.xml deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en\WSUSSCAN.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en folder deleted successfully.
C:\Windows\temp\IE14ADF.tmp\HardwareBlockingList.xml deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Hyphenation_en.msu deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE-Hyphenation-cs.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE-Hyphenation-en.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE-Spelling-cs.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE-Spelling-en.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-neutral.Extracted.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\IE10-support.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp\SetupDownloadList.txt deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Spelling_en.msu deleted successfully.
C:\Windows\temp\IE14ADF.tmp\SQMAPI.DLL deleted successfully.
C:\Windows\temp\IE14ADF.tmp\Windows6.1-KB2718695-x64-cs-CZ.cab deleted successfully.
C:\Windows\temp\IE14ADF.tmp folder deleted successfully.
C:\Windows\temp\IE1F2E.tmp\Windows6.1-KB2533623-x64.cab deleted successfully.
C:\Windows\temp\IE1F2E.tmp folder deleted successfully.
C:\Windows\temp\IE2297.tmp\Windows6.1-KB2670838-x64.cab deleted successfully.
C:\Windows\temp\IE2297.tmp folder deleted successfully.
C:\Windows\temp\IE2739.tmp\Windows6.1-KB2729094-v2-x64.cab deleted successfully.
C:\Windows\temp\IE2739.tmp folder deleted successfully.
C:\Windows\temp\is78BA.tmp deleted successfully.
C:\Windows\temp\isB9B1.tmp deleted successfully.
C:\Windows\temp\RGI276D.tmp deleted successfully.
C:\Windows\temp\RGI96C7.tmp deleted successfully.
C:\Windows\temp\RGIBA6D.tmp deleted successfully.
C:\Windows\temp\RGIE67A.tmp deleted successfully.
C:\Windows\temp\TS_E713.tmp deleted successfully.
C:\Windows\temp\TS_E8B9.tmp deleted successfully.
C:\Windows\temp\UDD8EA9.tmp deleted successfully.
C:\Windows\temp\UDDC6C.tmp deleted successfully.
C:\Windows\temp\avg_a04432\ProgData\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\avg_a04432\ProgFiles\AVG SafeGuard toolbar\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\avg_a07896\ProgData\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\avg_a07896\ProgFiles\AVG SafeGuard toolbar\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\avg_a09116\ProgData\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\temp\avg_a09116\ProgFiles\AVG SafeGuard toolbar\FireFoxSearchXml.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GarenaPlus not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\HiDownload not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\S60 PC Suite Tray not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Nuance PDF Reader-reminder not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
========== FILES ==========
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork folder moved successfully.
File\Folder C:\Program Files (x86)\AVG SafeGuard toolbar not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 119520 bytes
->Temporary Internet Files folder emptied: 195 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 19567832 bytes

User: Ivanka
->Temp folder emptied: 325645 bytes
->Temporary Internet Files folder emptied: 195 bytes

User: krajta5
->Temp folder emptied: 1202916469 bytes
->Temporary Internet Files folder emptied: 228185963 bytes
->Java cache emptied: 12058571 bytes
->FireFox cache emptied: 148226619 bytes
->Google Chrome cache emptied: 310766547 bytes
->Flash cache emptied: 13890587 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Topag
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 726753213 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 2143832 bytes

Total Files Cleaned = 2 542,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest

User: Ivanka

User: krajta5
->Flash cache emptied: 0 bytes

User: Public

User: Topag

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Guest
->Java cache emptied: 0 bytes

User: Ivanka

User: krajta5
->Java cache emptied: 0 bytes

User: Public

User: Topag

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11262013_112827

Files\Folders moved on Reboot...
File\Folder C:\Users\krajta5\AppData\Local\Temp\hsperfdata_krajta5\5180 not found!
C:\Users\krajta5\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\krajta5\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz