VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivní kontrolu

https://forum.viry.cz:443/viewtopic.php?t=135392

Stránka 1 z 3

Prosím o preventivní kontrolu

Napsal: 11 led 2014 12:06
od z0ny
Dobrý den, prosím o kontrolu. Žádné problémy nepociťuji. Děkuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by z0ny at 2014-01-11 11:49:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (28%) free of 114 GB
Total RAM: 12286 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:49:20, on 11.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\NetMeter\NetMeter.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Hry\Steam\Steam.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Program Files (x86)\mIRC\mirc.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\z0ny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = server.z0ny.net:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe" /q preferences
O4 - HKCU\..\Run: [NetMeter] C:\Program Files (x86)\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\z0ny\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe
O4 - Global Startup: System.lnk = C:\Windows\System32\taskmgr.exe
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CyberLink Product - 2011/08/13 01:33:46 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10275 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
WLIDSvcM.exe 1896
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe" /q preferences
"C:\Program Files (x86)\NetMeter\NetMeter.exe"
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Hry\Steam\Steam.exe" -silent
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Miranda IM\miranda32.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\foobar2000\foobar2000.exe"
"C:\Program Files (x86)\mIRC\mirc.exe"
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4692.0.1570332225\92322407" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.2723 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="4692.2.1249593794\2019573396" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="4692.3.441317037\485186255" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="4692.6.17822603\658102982" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --instant-process --disable-html-notifications --channel="4692.76.1556116381\367012247" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="4692.78.596726743\217415675" /prefetch:673131151
"C:\Users\z0ny\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group3 pct:10b stable:r7 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --disable-client-side-phishing-detection --renderer-print-preview --disable-html-notifications --channel="4692.87.1113736648\1522288177" /prefetch:673131151
"C:\Users\z0ny\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-28 350984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-28 53512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2009-11-12 361632]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-24 7477016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe [2010-03-07 1415632]
"NetMeter"=C:\Program Files (x86)\NetMeter\NetMeter.exe [2009-08-09 293888]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=C:\Hry\Steam\steam.exe [2014-01-07 1815464]
"Google Update"=C:\Users\z0ny\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-16 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-11-23 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [2010-08-02 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2010-06-02 222504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-12 5106904]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
System.lnk - C:\Windows\System32\taskmgr.exe

C:\Users\z0ny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Miranda IM.lnk - C:\Program Files (x86)\Miranda IM\miranda32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-11 11:49:19 ----D---- C:\rsit
2014-01-11 11:49:19 ----D---- C:\Program Files\trend micro
2014-01-08 12:10:44 ----D---- C:\Users\z0ny\AppData\Roaming\KeePassX
2014-01-03 02:06:49 ----D---- C:\Program Files (x86)\World of Warcraft
2013-12-16 04:05:00 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-12-14 02:13:05 ----D---- C:\Program Files (x86)\AMD
2013-12-12 22:41:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 22:41:25 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 22:41:25 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 22:41:24 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 22:40:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-12 22:40:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-12 22:40:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 22:40:15 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-12 22:40:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 22:40:14 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-12 22:40:14 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-12 22:40:14 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 22:40:14 ----A---- C:\Windows\system32\url.dll
2013-12-12 22:40:14 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-12 22:40:14 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 22:40:14 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 22:40:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 22:40:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-12 22:40:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 22:40:13 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 22:40:13 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 22:40:13 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 22:40:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 22:40:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 22:40:12 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-12 22:40:12 ----A---- C:\Windows\system32\vbscript.dll
2013-12-12 22:40:12 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 22:40:12 ----A---- C:\Windows\system32\jscript.dll
2013-12-12 22:40:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 22:40:10 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 22:40:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 22:40:09 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 22:38:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 22:38:57 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 22:38:56 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 22:38:56 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 22:38:56 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 22:38:55 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 22:38:55 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 22:38:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 22:38:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 22:38:46 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 22:38:46 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 22:38:46 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 22:38:46 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 22:38:46 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 22:38:46 ----A---- C:\Windows\system32\cscript.exe

======List of files/folders modified in the last 1 months======

2014-01-11 11:49:20 ----D---- C:\Windows\Temp
2014-01-11 11:49:19 ----D---- C:\Program Files
2014-01-11 11:19:47 ----D---- C:\Users\z0ny\AppData\Roaming\mIRC
2014-01-10 19:41:01 ----D---- C:\Windows\system32\config
2014-01-09 15:01:28 ----D---- C:\Program Files (x86)\mIRC
2014-01-09 13:30:59 ----D---- C:\Users\z0ny\AppData\Roaming\foobar2000
2014-01-09 11:33:02 ----D---- C:\Windows\System32
2014-01-09 11:33:02 ----D---- C:\Windows\inf
2014-01-09 11:33:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-09 11:27:08 ----D---- C:\Windows\system32\drivers
2014-01-09 11:27:07 ----D---- C:\ProgramData\NVIDIA
2014-01-09 11:27:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-09 11:27:04 ----D---- C:\Program Files (x86)
2014-01-08 09:51:44 ----D---- C:\Program Files (x86)\Origin
2014-01-07 15:45:37 ----HD---- C:\Users\z0ny\AppData\Roaming\.minecraft
2014-01-06 21:18:19 ----SHD---- C:\Windows\Installer
2014-01-06 21:18:19 ----SHD---- C:\Config.Msi
2014-01-06 17:53:50 ----D---- C:\Users\z0ny\AppData\Roaming\Mumble
2014-01-04 12:59:23 ----D---- C:\Windows\SysWOW64
2014-01-04 12:58:19 ----RSD---- C:\Windows\assembly
2014-01-03 02:07:18 ----D---- C:\Hry
2013-12-26 20:04:48 ----AD---- C:\ProgramData\TEMP
2013-12-22 20:34:04 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-12-16 18:50:16 ----D---- C:\Program Files (x86)\Google
2013-12-14 15:27:06 ----D---- C:\Windows\rescache
2013-12-13 22:56:21 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-12-13 22:31:17 ----D---- C:\Windows\winsxs
2013-12-13 01:18:38 ----D---- C:\Windows\SYSWOW64\migration
2013-12-13 01:18:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-13 01:18:38 ----D---- C:\Windows\system32\migration
2013-12-13 01:18:38 ----D---- C:\Windows\system32\DriverStore
2013-12-13 01:18:38 ----D---- C:\Windows\system32\cs-CZ
2013-12-13 01:18:38 ----D---- C:\Program Files\Windows Media Player
2013-12-13 01:18:38 ----D---- C:\Program Files\Internet Explorer
2013-12-13 01:18:38 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 01:18:38 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-12 23:19:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-12 22:41:33 ----D---- C:\Windows\system32\catroot2
2013-12-12 22:41:32 ----D---- C:\Windows\system32\catroot
2013-12-12 22:40:05 ----D---- C:\Windows\system32\MRT
2013-12-12 22:39:03 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-03-27 267872]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-08 834544]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-03-27 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-03-27 943712]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 truecrypt;truecrypt; C:\Windows\SysWOW64\drivers\truecrypt.sys [2010-03-07 222160]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-04 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-04 43680]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-03-27 251488]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-07-16 31232]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 ArcSec;ArcSec; C:\Windows\system32\drivers\ArcSec.sys []
S3 av2x7zwy;av2x7zwy; C:\Windows\system32\drivers\av2x7zwy.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-12 25640]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 30736]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SSMO3v2Filter;MMO3v2 Mouse; C:\Windows\system32\drivers\MO3v2Driver.sys [2010-12-17 23040]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-11-12 894136]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-27 2480048]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 920864]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-08 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/08/13 01:33:46; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-11-23 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 FastUserSwitchingCompatibility;AMD External Events Utility .NET.; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-10 1266464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-22 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-22 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-16 119408]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2009-07-16 36352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-01 541608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 11 led 2014 18:41
od Márty84
Zdravim :)


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 12:54
od z0ny
Dobry, přikládám logy

OTL.txt

OTL logfile created on: 12.1.2014 12:43:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\z0ny\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

12,00 Gb Total Physical Memory | 8,89 Gb Available Physical Memory | 74,07% Memory free
12,00 Gb Paging File | 8,63 Gb Available in Paging File | 71,96% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 30,88 Gb Free Space | 27,65% Space Free | Partition Type: NTFS
Drive D: | 293,19 Gb Total Space | 237,34 Gb Free Space | 80,95% Space Free | Partition Type: NTFS
Drive E: | 1862,77 Gb Total Space | 1249,11 Gb Free Space | 67,06% Space Free | Partition Type: NTFS
Drive F: | 517,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 5544,63 Gb Total Space | 736,95 Gb Free Space | 13,29% Space Free | Partition Type: NTFS
Drive U: | 923,13 Gb Total Space | 880,86 Gb Free Space | 95,42% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 573,11 Gb Free Space | 61,52% Space Free | Partition Type: NTFS

Computer Name: Z0NY-PC | User Name: z0ny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
PRC - [2014.01.07 22:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Hry\Steam\Steam.exe
PRC - [2013.12.06 09:21:13 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.23 16:26:30 | 003,298,864 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files (x86)\mIRC\mirc.exe
PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.14 12:14:54 | 001,771,008 | ---- | M] (Peter Pawlowski) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.03.07 22:10:09 | 001,415,632 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
PRC - [2010.03.04 21:44:06 | 000,696,931 | ---- | M] ( ) -- C:\Program Files (x86)\Miranda IM\miranda32.exe
PRC - [2009.11.12 03:49:16 | 000,361,632 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.11.12 03:48:30 | 005,106,904 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.07 22:00:22 | 001,138,088 | ---- | M] () -- C:\Hry\Steam\bin\chromehtml.dll
MOD - [2014.01.07 22:00:22 | 000,121,256 | ---- | M] () -- C:\Hry\Steam\bin\audio.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Hry\Steam\libavresample-1.dll
MOD - [2013.12.12 23:19:08 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.12.12 23:04:18 | 020,625,832 | ---- | M] () -- C:\Hry\Steam\bin\libcef.dll
MOD - [2013.12.12 23:04:14 | 000,716,800 | ---- | M] () -- C:\Hry\Steam\SDL2.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013.12.04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Hry\Steam\libavutil-52.dll
MOD - [2013.06.15 00:49:16 | 000,153,088 | ---- | M] () -- C:\Hry\Steam\bin\mssvoice.asi
MOD - [2013.06.15 00:49:16 | 000,071,680 | ---- | M] () -- C:\Hry\Steam\bin\mssmp3.asi
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Hry\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Hry\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Hry\Steam\bin\avutil-51.dll
MOD - [2012.09.14 12:13:32 | 001,632,256 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2012.09.14 12:13:32 | 000,359,936 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2012.09.14 12:13:28 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2012.09.14 12:13:10 | 000,915,968 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2012.09.14 12:13:08 | 000,303,616 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2012.09.14 12:12:50 | 000,287,744 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2012.09.14 12:12:44 | 000,491,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2012.09.14 12:11:24 | 000,150,016 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2010.04.21 14:03:30 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_seek_box.dll
MOD - [2010.04.21 13:48:00 | 000,066,560 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2010.03.04 21:45:42 | 000,090,215 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\srmm.dll
MOD - [2010.03.04 21:43:32 | 000,052,839 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\zlib.dll
MOD - [2010.03.04 21:43:16 | 000,314,989 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\ICQ.dll
MOD - [2010.03.04 21:43:04 | 000,036,976 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\dbx_mmap.dll
MOD - [2010.03.04 21:42:46 | 000,061,553 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\clist_classic.dll
MOD - [2010.03.04 21:42:44 | 000,213,095 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\chat.dll
MOD - [2010.03.04 21:42:38 | 000,064,613 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\avs.dll
MOD - [2009.08.10 14:53:54 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\stopspam.dll
MOD - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.16 04:05:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.12 23:19:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.01 20:52:49 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.11.23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.11.12 03:50:24 | 000,894,136 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.07.16 10:20:06 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 15:25:44 | 000,023,040 | ---- | M] (Sagatek Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MO3v2Driver.sys -- (SSMO3v2Filter)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.07.04 02:32:36 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.07.04 02:32:36 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.03.27 12:56:05 | 000,267,872 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.03.27 12:03:36 | 000,251,488 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010.03.27 12:03:35 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258)
DRV:64bit: - [2010.03.27 12:03:33 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.03.08 20:03:38 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009.07.16 10:20:26 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.17 17:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.02.13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2005.04.13 22:17:52 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0801.sys -- (tap0801)
DRV - [2010.03.12 20:51:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC A7 18 DD 25 BE CA 01 [binary data]
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes,DefaultScope = {9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = server.z0ny.net:3128


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Users\z0ny\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions
[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.cz/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Download Helper (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\plugin/download_helper.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Users\z0ny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Bejeweled = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: HTTP Headers = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg\1.0.0.2_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011.11.15 01:51:22 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [NetMeter] C:\Program Files (x86)\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [Steam] C:\Hry\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [TrueCrypt] C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\z0ny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.227.171.26 46.227.171.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5087D5D-0EA8-4B7D-A9E4-ED3C60E8BF8E}: DhcpNameServer = 46.227.171.26 46.227.171.25
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.16 02:42:34 | 001,201,152 | ---- | M] (ShockingSoft) - E:\AutoClicker.exe -- [ NTFS ]
O32 - AutoRun File - [2006.10.02 13:17:07 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG) - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.10.02 13:17:07 | 000,000,624 | R--- | M] () - F:\autorun.cfg -- [ CDFS ]
O32 - AutoRun File - [2006.10.02 13:19:19 | 000,000,068 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell - "" = AutoRun
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{963a5456-1fb7-11e3-8032-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{963a5456-1fb7-11e3-8032-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2006.10.02 13:17:07 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.01.12 12:19:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.08 12:10:44 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2014.01.06 21:31:53 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\BotaniculaSaves
[2014.01.06 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\Another World
[2014.01.04 12:58:25 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Local\Criterion Games
[2014.01.03 08:31:51 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\SavedGames
[2014.01.03 06:32:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2014.01.03 02:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013.12.16 18:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.12.16 04:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.12.14 02:13:10 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\WB Games
[2013.12.14 02:13:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.12 12:26:58 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.12 12:26:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job
[2014.01.12 12:26:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.12 12:22:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.12 12:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.12 12:17:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.12 12:17:16 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2014.01.09 11:34:12 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 11:34:12 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 11:33:02 | 001,507,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.09 11:33:02 | 000,641,418 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.09 11:33:02 | 000,627,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.09 11:33:02 | 000,130,986 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.09 11:33:02 | 000,113,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.09 11:27:04 | 1072,525,310 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.07 15:11:46 | 000,000,600 | ---- | M] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2014.01.03 06:43:47 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.12.22 20:33:57 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.12.16 18:50:17 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.12.13 22:31:11 | 000,277,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.12 12:22:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.03 02:20:54 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.12.16 18:50:17 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.10.22 17:08:19 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Roaming\winscp.rnd
[2011.06.13 19:33:43 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.16 02:54:04 | 000,004,508 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp21.html
[2010.08.16 02:40:47 | 000,000,778 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp1.html
[2010.06.30 19:23:03 | 000,007,626 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Resmon.ResmonCfg
[2010.03.20 21:05:37 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2010.03.11 15:02:25 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\PUTTY.RND

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.05.04 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Subversion
[2014.01.07 15:45:37 | 000,000,000 | -H-D | M] -- C:\Users\z0ny\AppData\Roaming\.minecraft
[2012.01.29 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\.Nitrous
[2010.03.11 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Acronis
[2013.07.31 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Audacity
[2013.08.06 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Battle.net
[2012.10.21 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Bioshock
[2010.03.08 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BITS
[2013.02.23 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Broad Intelligence
[2011.06.06 14:26:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer
[2010.03.08 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer Pro
[2011.09.20 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Cobra Mobile
[2013.04.20 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Curse Advertising
[2011.10.09 01:52:03 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CzDC
[2010.03.09 18:48:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\DAEMON Tools Lite
[2011.09.04 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Feedreader
[2010.03.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\FlashGet
[2014.01.09 13:30:59 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\foobar2000
[2010.03.09 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\GHISLER
[2013.09.08 01:18:20 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Image-Line
[2013.10.06 02:36:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\JetBrains
[2013.11.04 14:53:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KB-ext
[2014.01.08 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2011.04.17 01:24:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Lazy 8 Studios
[2013.07.13 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leadertech
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leawo
[2010.03.09 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mikrotik
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Moyea
[2014.01.06 17:53:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mumble
[2010.03.09 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NetMeter
[2010.03.09 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Notepad++
[2013.08.16 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Origin
[2011.04.03 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Rovio
[2013.07.13 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\SteelSeries
[2010.03.12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Subversion
[2011.07.08 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\System
[2011.01.26 01:16:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Sytexis Software
[2010.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Thunderbird
[2010.03.07 22:27:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TrueCrypt
[2013.07.21 00:51:41 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TS3Client
[2013.05.22 20:07:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Wargaming.net
[2010.03.18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Western Digital
[2011.07.08 18:53:16 | 000,000,000 | -HSD | M] -- C:\Users\z0ny\AppData\Roaming\wyUpdate AU
[2013.08.18 01:32:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XnView
[2010.07.24 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XRay Engine

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61

< End of report >

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 12:55
od z0ny
Extras.txt

OTL Extras logfile created on: 12.1.2014 12:43:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\z0ny\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

12,00 Gb Total Physical Memory | 8,89 Gb Available Physical Memory | 74,07% Memory free
12,00 Gb Paging File | 8,63 Gb Available in Paging File | 71,96% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 30,88 Gb Free Space | 27,65% Space Free | Partition Type: NTFS
Drive D: | 293,19 Gb Total Space | 237,34 Gb Free Space | 80,95% Space Free | Partition Type: NTFS
Drive E: | 1862,77 Gb Total Space | 1249,11 Gb Free Space | 67,06% Space Free | Partition Type: NTFS
Drive F: | 517,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 5544,63 Gb Total Space | 736,95 Gb Free Space | 13,29% Space Free | Partition Type: NTFS
Drive U: | 923,13 Gb Total Space | 880,86 Gb Free Space | 95,42% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 573,11 Gb Free Space | 61,52% Space Free | Partition Type: NTFS

Computer Name: Z0NY-PC | User Name: z0ny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C6B432-9806-4571-A226-773A8898E8A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{088F764D-3D98-4FD1-9B42-409C7F8AE5E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{089141DB-0A8C-42CA-9DF5-8DB8966474D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{0C3990A4-B929-4CAF-9FB3-FC7D0D986CE9}" = rport=445 | protocol=6 | dir=out | app=system |
"{0C75ABCF-C95A-469F-8718-9780B8D16AE9}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D849876-BE70-4F3D-AC68-0AA6178B03B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50DAE3B5-9B3A-46B8-B7F7-24C7F2F41EED}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{615F16FB-B734-4D31-8A72-A01FE8A2B152}" = lport=445 | protocol=6 | dir=in | app=system |
"{61CBEA9D-8475-47E4-B029-46157DED42A4}" = rport=138 | protocol=17 | dir=out | app=system |
"{68CBE0E6-556C-4F34-9D66-8C63DB2EF440}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{764746E1-D9DF-475B-B62A-252028C39A23}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7757EADF-68B5-4B2F-A0D2-018AD085CD95}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA705AF5-513B-4D12-9733-E955507D03B8}" = rport=139 | protocol=6 | dir=out | app=system |
"{D21920F9-CAD3-4803-87CA-64DDFAB20A4F}" = lport=137 | protocol=17 | dir=in | app=system |
"{DA29B9D1-16D2-4A13-BBB2-99DC2E2833AC}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BC95A-AFCA-439A-9A25-D91BF9590FD8}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{00F1CD5E-DBC2-4F90-85E9-4F29B7219BE0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\command and conquer red alert 3 uprising\support\ea help\electronic_arts_technical_support.htm |
"{01047F53-4A01-49D4-9369-957EB3E53FAE}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{01424EDA-52D5-4BA9-A47A-28635D29B237}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\splinter cell\system\splintercell.exe |
"{018FB6DB-3414-463C-AB12-1FB7B9D369A0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\ibomber defense\game.exe |
"{02ABD8AA-0C12-4477-AAE2-3EC0A55D5F82}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{036D8298-512E-49B1-8E98-7847CE9E92B6}" = protocol=17 | dir=in | app=e:\zdata\origin\simcity\simcity\simcity.exe |
"{0381129A-47F8-4DB5-8AC8-FF59C181984B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{03B0CB1A-0327-4EC3-8988-46E00A429261}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\crysis\bin32\crysis.exe |
"{0418095F-9442-4310-A073-702611571C57}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{042EDEFC-3D5B-4C9D-815B-628CF013B6D2}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{0445E400-6A7D-4D63-BB1D-878A49F7277A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{048E4134-8E29-4CC2-857A-BB245D2067C4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\codsp.exe |
"{04AEA089-065A-4763-AE7A-0A82B9AB78E4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{05096996-4044-4512-84D2-4B54FA02017A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{05CE9297-BA15-4682-BC06-C3C751A6EBDF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{06E572B4-64F2-4C64-9F50-8D7BD8224CB9}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\dogfighter\bin\x86_vc8\dogfightersteam.exe |
"{0702F17F-5478-462C-B922-A8744C582C17}" = protocol=17 | dir=in | app=e:\zdata\origin\medal of honor warfighter\mohw.exe |
"{073730BF-8F80-40FB-BA41-FE0AB3E9E511}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{07553E9A-59C3-4FDD-BEE7-85B576465B1E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{076F24FF-FCC3-4B76-AA08-6A44A2D2364D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\alien swarm\srcds.exe |
"{07926B8A-3522-45C4-8FD6-4B801FEA4D43}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\limbo\limbo.exe |
"{08B45248-C77D-4E19-A726-D2A436F8E870}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{08DFBA4A-E0E6-4D5E-827A-961C45F4AFCA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
"{09058DBC-6365-49E8-8E7D-92C5215EA962}" = protocol=6 | dir=in | app=e:\zdata\origin\simcity\simcity\simcity.exe |
"{09E31074-E2B2-430C-AB67-2BA4F773DE5A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\sacred 2 gold\system\sacred2.exe |
"{0C0CF698-1170-4A44-902F-E6DF2D70B47A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (propulsion gel)\smp.exe |
"{0C759880-0E0F-4804-B9F5-6CD314080DAF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil operation raccoon city\raccooncity.exe |
"{0CB467DD-BE13-4835-97E2-62F74B0AD539}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\cogs\cogs.exe |
"{0CF32FD6-B626-45E1-9DFD-C7F73BCFA468}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{0DD64941-47FF-4C93-A760-50FF6ECB36D5}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\microsoft flight\flight.exe |
"{0E5B51C1-1259-4E48-8B3A-75E26935110B}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\alien swarm\srcds.exe |
"{0FC90C72-7D32-41DB-847D-A89477E9EA75}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{103FF7CB-20D1-4DC8-BA39-6BDC229308FE}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{12869E77-B98B-41F4-9B42-3673733E5A19}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\saints row the third\game_launcher.exe |
"{131443A2-2626-4C0F-98B0-A76D795D153D}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos behind enemy lines\readme.doc |
"{132F126D-C6F3-4D27-91D8-B0ABFC897E48}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{13866091-BC08-49C5-A9CA-1F5290BA8D4C}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{14DD96E4-041B-4E99-AEB7-996902A7ED39}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 2 men of courage\readme.rtf |
"{158DD05B-1980-460F-800F-B2192CF33E56}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{18CE9E11-D7F4-4589-8F08-6CB9D15361CA}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{18EA80E1-6FEE-40BC-8A4A-684DBF9BC367}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{1A32F22E-D39A-44D0-A57F-012D790FCE96}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (lasers)\smp.exe |
"{1A7856EA-E034-4BA1-9FC0-6E1522799A0D}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\max payne 2 the fall of max payne\maxpayne2.exe |
"{1A901167-463B-4032-B8A6-F32B72F72E5B}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\metro last light\metroll.exe |
"{1B38D757-F71E-4B50-98BA-2549676EE443}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{1B725D3D-E1AF-4D8B-A1FE-CA9D80FE7627}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{1DB7E98F-3CB9-4CB0-96CE-2A61D5CAD13C}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2\portal2.exe |
"{1EDDF078-6D12-4D9F-90C4-1967C755C9F2}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\neverwinter nights 2\nwn2.exe |
"{1EFC50F7-79DE-4B1D-AAB7-46CC840B03B7}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\farcry\bin32\farcry.exe |
"{1F532005-7BFB-47AE-9E37-AB9705EE83B3}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos behind enemy lines\comandos.exe |
"{207ED3A0-CF06-4057-99B5-32C10CB66CDA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\sacred 2 gold\system\sacred2.exe |
"{20B72539-86CF-4365-AA5E-F4175CD3E528}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{20F573B8-2262-4442-9B55-A58B23596C36}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\need for speed hot pursuit\support\ea help\electronic_arts_technical_support.htm |
"{20FD32F1-F3CB-478E-AA86-FC407F84AE9E}" = protocol=6 | dir=in | app=e:\zdata\origin\battlefield 3 open beta\bf3.exe |
"{217CCF6C-855D-4569-ACA3-1D672886AA03}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{21A634CE-69DB-4A03-875A-B820CEA3C1BA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\splinter cell - double agent\scdalauncher.exe |
"{21C12E64-5274-478E-9699-F24D93B617CA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{2317D979-7279-4555-989C-21BAB447479B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{239CC676-1FB2-4691-990B-EFD337CFD1EF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{25EC89E6-2096-4EEE-9820-007BC6F8A3AF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\bit.trip beat\beat.exe |
"{26DBD64F-5F70-4E6F-A91F-3E0403BA291B}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 2\cod2sp_s.exe |
"{27C01CDA-FE53-43CD-A823-40522A833B15}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{2A9892B5-DB1C-4170-8558-AE02975179C4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\machinarium\machinarium.exe |
"{2AFC5AA8-750F-4E5D-96F4-D46FC2AA9AAE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2B2FE9A6-DCCC-4098-BF42-CB12814A8C71}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{2B789798-9D9C-4618-8F87-CD57023E0E5B}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\codmp.exe |
"{2BC82065-81C6-46D6-BE6A-519F73AEF330}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (bounce)\smp.exe |
"{2CA16B2B-2661-4EEE-BD4D-00BEA293EEA5}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\codsp.exe |
"{2CDE6BA0-FB34-4151-AD3D-9AD908CA8DA9}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{2D8AA6FB-2091-48C8-9B3B-EFD7A2339072}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{2D9E87BB-2E43-4F7B-9A3D-C41E08B4E256}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\codsp.exe |
"{2DD39708-6BA8-4FDB-AEF1-EB620DEF3C52}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{2E10E8D7-107A-4A29-9F9F-69294DE0A68D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2E3CBE0F-1DF7-4609-B52A-AF8C33626D0C}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{2FD098EF-7F51-41CF-B874-6CF966CF1393}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (lasers)\smp.exe |
"{30366F5E-DFF9-48F8-8409-DF69EB1ABBE0}" = protocol=6 | dir=in | app=c:\hry\steam\steam.exe |
"{3075482A-8961-4290-B50D-90ABA292ABE0}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\cryostasis\cryostasis.exe |
"{30E1222A-20A0-4533-B3F4-7AE741F2A076}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\command and conquer red alert 3 uprising\ra3ep1.exe |
"{311BB4C3-DAC9-4DD3-ABEB-5C30FA70CB7E}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (propulsion gel)\smp.exe |
"{3176E146-77D5-4E67-BD3F-116C424CF9D2}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{31C6961B-08D0-4BDE-B997-D101A65F4CC6}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\peggle nights\pegglenights.exe |
"{3323289D-3D8B-4F68-91A8-7F6AA8F85501}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\just cause 2\justcause2.exe |
"{33EF6D59-84DA-4035-B38B-973E219B594F}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\garrysmod\hl2.exe |
"{347823E9-749B-4F59-8A9E-19CC49AD4162}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\max payne\maxpayne.exe |
"{34A00BB5-BAE1-42EF-BCC1-464685FD7991}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{3618F156-5D81-4430-9E14-4EFB0455B6F6}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\return to castle wolfenstein\wolfmp.exe |
"{369E2EF8-4671-4308-8A0C-E2AF358CABFE}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\batman2\runlauncher.bat |
"{374464F0-8D69-469F-AF70-F522402758F6}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 3 destination berlin\commandos3.exe |
"{38213F57-5482-49CC-B402-EDDDEAF29308}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{384C4C4B-B584-4EE8-BC57-99E7EE6CBE3D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\peggle nights\pegglenights.exe |
"{3930B54D-9D10-4D34-9127-03D2ED3218AD}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\shelter\shelter.exe |
"{39776A52-827B-45F6-B721-0C918C77F625}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\max payne 2 the fall of max payne\maxpayne2.exe |
"{39F6F56C-3AFA-41AA-AD66-C820122D2554}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (suction)\smp.exe |
"{3BDD82D3-9240-4406-85E9-FCC36FCC5977}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{3BF85EF9-68FA-4C5B-8F53-3C7AEC3C8EBC}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{3CE7AC8E-422A-40A2-AEA4-AABAD27A4CE5}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{3CE7DF17-F6BD-40E0-93D2-D71E18F947E6}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mafia\game.exe |
"{3DDC2C7D-A09D-4B0E-9F13-5315E1819E28}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{3E449528-22A2-4E23-91E4-D562933B4E3B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\silent hill homecoming\bin\silenthill.exe |
"{3E783B96-5FE4-4A57-89DF-011AE0E73F70}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (faith plates)\smp.exe |
"{3E8EE9E2-380E-4672-B6FF-9F52726F4079}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\alien swarm\swarm.exe |
"{3EF601D8-09F3-44C6-8DA2-87E3AD74A2E8}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\ibomber defense\game.exe |
"{412C8E9B-3081-4A87-8450-BCA330942A5F}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\coduosp.exe |
"{42BEB7CD-E8A5-453B-8D64-3B555F2A70E5}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 6\bh6.exe |
"{43E42C6E-7461-4C80-BE37-D2DAA2B6DDA7}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |
"{448AB425-18BE-4DFA-9C5A-8E06967FC3ED}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{44C32B4E-A08C-4109-9E78-8888800B1F4F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\limbo\limbo.exe |
"{44DC56BD-0A0B-4480-B7C7-49D214B463FD}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\battlefield 2\bf2.exe |
"{4596308E-E424-4CF7-A5E3-689F0B9F3CE0}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\silent hill homecoming\bin\silenthill.exe |
"{45DFF186-31D3-48F2-BEBE-F3DB445F241D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 3 destination berlin\readme.rtf |
"{4838AACA-A0AD-4C22-97F0-3D9BE7B4FE75}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal\hl2.exe |
"{48409286-8B5C-45E9-8162-17CC712B673A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{4850F592-2B65-41A4-B088-90E6F9D1BEC6}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\coduomp.exe |
"{48EFA5EA-2019-4D0E-AF25-BA54FBF8A5A4}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{491EEB9F-8E94-4825-9A16-29AC59BF875A}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{4A6139FD-98D5-431E-AB29-9B94D591AE9E}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\bit.trip beat\beat.exe |
"{4A87F8D6-0DDD-4971-BAE1-92603C2F0F6B}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\max payne 2 the fall of max payne\maxpayne2.exe |
"{4CB5E51C-490D-4BED-A0DE-B7FD0223A6E2}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{4EF12C7F-BE32-46E0-AD18-79113BC2D9C0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{506DBEEB-5811-457D-B8BE-DD930A08AB5D}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{50ADE744-4CB3-4A04-832D-F4BCFE9B214F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos behind enemy lines\comandos.exe |
"{50BF68F1-BA34-4D7E-90CA-6D9BBEDE578B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 teaser\smp.exe |
"{515DC669-F415-4022-89EA-D6A51154F4E1}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\world in conflict\wic.exe |
"{5165F7F9-0D10-4397-B81B-079EDE1B3492}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\another world\menubonus.bat |
"{51E01B71-15A3-4595-A225-B9D385434C40}" = protocol=6 | dir=in | app=e:\zdata\origin\battlefield 3 beta\bf3.exe |
"{5228ACA8-CF19-48CE-8101-5A9DE1340E77}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 6\bh6.exe |
"{541349FC-8DA3-4A36-8C61-EC1B7BA1203A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\peggle extreme\peggleextreme.exe |
"{5438F1B6-809E-4F5F-A605-9E2271CA1F7D}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (wheatley)\smp.exe |
"{54701704-4A3D-4971-BE75-D8B127C335B0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{54AB6727-DF4B-4D66-B2F7-2FEEAC73FA17}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\dota 2 beta\dota.exe |
"{5512A6ED-A030-4C1E-86CB-EE3850EC43AC}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 5\launcher.exe |
"{56124074-5540-4D0E-B1D5-93B25DD7E4B9}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\trackmania united\tmforever.exe |
"{570F1694-9983-46A5-91B5-B2C80BCB79D0}" = protocol=17 | dir=in | app=e:\zdata\origin\battlefield 3 beta\bf3.exe |
"{578146DD-9865-4BD2-B812-6CF36BC1A153}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{579CE965-E968-4E0A-A5AA-CA63A667A05A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm |
"{57F23074-9387-42FD-BC32-662C90FE5DCE}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\peggle deluxe\peggle.exe |
"{585AC18E-EDD3-41B1-909B-86FA87C149CA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{58A9A791-4522-4F1F-822A-08A81156738F}" = protocol=17 | dir=in | app=e:\zdata\origin\battlefield 3\bf3.exe |
"{58BBF93B-56C3-4478-8430-9AE25CA6B81F}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\neverwinter nights 2\nwn2.exe |
"{5908D347-320A-4988-95F5-F67EC28A5F48}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\garrysmod\hl2.exe |
"{59A13426-FD69-44EF-8691-13EEB473FED6}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\half-life\hl.exe |
"{5BC5BDE6-93F5-49CC-9E06-346DD8669D91}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\need for speed hot pursuit\support\ea help\electronic_arts_technical_support.htm |
"{5C7BA543-0357-471F-A50B-080EE03E1B73}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\crysis\bin32\crysis.exe |
"{5DA53500-112E-4F0F-9F1B-97633B14456E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp.exe |
"{5E0B4C4C-7860-450F-B5F9-7D098A84C1A3}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{5E9297B5-96BC-4E79-BDD7-7E3292D73375}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{5EFCBBE5-67B8-47AD-A504-CF6B06427E49}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{5F4E6BF4-A512-4DAB-905D-CA660D0422FA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (suction)\smp.exe |
"{5F74C810-3A28-4DA9-888D-501200B44361}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\machinarium\machinarium.exe |
"{5F82A2C3-A7DB-4226-9743-8F3E51444F8A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{604B07BD-F340-444F-96DD-F1DD6AC5ACEE}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{60BCBD85-03E6-4E2F-ABEE-CF37516114FB}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mafia\game.exe |
"{611834C7-79F3-4F06-B394-89C83EE879B5}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{63651E5C-6B6F-412D-ACE9-5ADB35D10B18}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{6372CA2E-B6BD-4892-B9FD-43D2788D09ED}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\metro 2033\metro2033.exe |
"{63BBA6CE-32E6-4D53-8C9F-F5228D6B47D9}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 2\cod2sp_s.exe |
"{644B1312-3641-41B6-A87C-8014A41F9805}" = protocol=17 | dir=in | app=c:\hry\steam\steam.exe |
"{64E8C310-0532-4777-901D-A572216B58F0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\just cause 2\justcause2.exe |
"{6569C078-CF1D-4F83-9D9A-20AD6D77D9D7}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{65A660D0-FF62-4840-97D9-9DE041DEBF77}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{660445F3-5B10-4D81-AC9E-D77B5725D1BC}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\z0ny\half-life source\hl2.exe |
"{66B0EC62-1344-43CC-811D-B78EC535DD88}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\crysis\bin32\crysis.exe |
"{66F65E61-DDB5-40D1-A406-D9070AD70F6B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\botanicula\botanicula.exe |
"{67A33A37-2A7C-44EA-89EF-14700821EA79}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\peggle deluxe\peggle.exe |
"{67B4EE9A-E812-48AC-A047-C6D11871EC4A}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{685D875C-00F6-4678-A8C7-3CA2FEAAEBFB}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{686FB34D-7AD4-4894-AB91-F5B0FC18995A}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{68900532-35D5-42DC-A7D5-49E5C9A5E6FA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\solsurvivor\solsurvivor.exe |
"{68F6DDB6-D845-4FFB-81C1-D4A432B27586}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\peggle extreme\peggleextreme.exe |
"{6947E846-CC89-4DD8-9FBD-535629D16ADC}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\solar 2\solar2.exe |
"{69BB1389-18D2-4AD0-8730-F2CB762F5045}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal\hl2.exe |
"{6A143A8E-6565-40E1-BBB6-2977B4109B08}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{6A9B1848-5FB4-4C02-B762-BD24E7851777}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\another world\anowor.exe |
"{6B100933-173D-44C5-BD83-4A0CDEDDEB5E}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\another world\menubonus.bat |
"{6C0F0C84-546F-43B8-9A75-D2D14FC6A2CB}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\metro last light\metroll.exe |
"{6CE1F604-00CA-4098-A942-7958BBBF3C0A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{6D1B7332-F1D7-4423-A415-D96FB5E35670}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{6EA96DC6-254B-48B7-8C0C-92459FC645CC}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |
"{6F04275A-833C-4F01-84C8-4541F06E20DE}" = protocol=17 | dir=in | app=e:\zdata\origin\battlefield 4 alphatrial\bf4.exe |
"{710F12A1-18B3-43CA-9390-F84C3E1D7308}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\doom 3\doom3.exe |
"{7118D62F-91E9-4CA3-848E-07F9E7394AC1}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\return to castle wolfenstein\wolfmp.exe |
"{73CA14F9-4E77-4E3D-81BE-F011776B52A9}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (wheatley)\smp.exe |
"{73DA0F39-5CB4-43F8-B368-BC2907237FCF}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{7553D0E8-3BAA-490D-9189-C4731B5161C2}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{786B946C-58AB-490D-8818-1A04B10B6994}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\batman2\runlauncher.bat |
"{7A20CA1C-4EE1-4019-BCCE-7AEA33D93A4F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{7C05806C-B0F0-47F0-BDD1-9B5FF9154389}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{7C0C7C30-9F97-4FDB-B692-F340F7003E20}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\codmp.exe |
"{7C1D5E04-E103-4780-805C-EBF7BE8036DB}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (excursion funnels)\smp.exe |
"{7DA9CE91-EBA6-4098-8A4E-578AF55A9088}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\half-life 2\hl2.exe |
"{7E22E4B5-B2D9-4B72-9A54-37754484A8BA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{7E2D7E1A-9F9B-4DA4-9E27-7D652B422C5F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos beyond the call of duty\tutorial.exe |
"{7E78EC80-ECC6-49BB-9EAB-2F906A7D505E}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\cogs\cogs.exe |
"{7F1BA2CB-F5E2-4B03-89FF-7C0B65D62C3A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{7FCF2FA4-697F-4B6D-9AB1-00E0B5204F4C}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\z0ny\opposing force\hl.exe |
"{803E7FE7-48B5-4A09-83D9-E4B2C5A54D8A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{81B56A01-6377-412D-870A-C85817B8D849}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{81C1BCF8-BB03-4EE0-B206-71EFCEEEB662}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{81F1C251-5139-4305-AEC6-31DDB7120B5A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{820204B3-D647-40DA-962E-0AD4B172AF58}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 6 benchmark tool\re6.exe |
"{83220C10-F04C-45AE-932A-2B385AB92EBA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{83EB87BD-2F4D-4DBB-97E1-288CF1EC99DB}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\z0ny\opposing force\hl.exe |
"{84D7BB73-D078-439F-B6DE-619D618BD976}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\left 4 dead\left4dead.exe |
"{852858D5-2694-4157-AB89-6BE0D7D9265A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\need for speed hot pursuit\nfs11.exe |
"{8553EFDB-B7D6-4698-A5D9-B573F9AC3246}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\coduosp.exe |
"{858FC2A7-8DF8-4638-AA16-3A78A69BF4F1}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\risen 2\system\risen2.exe |
"{86983484-47A2-4DB8-8C16-5F4AF8613B58}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\splinter cell - double agent\scdalauncher.exe |
"{86C4821E-84BB-4681-A0CF-6DD94F3689EF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\defcon\defcon.exe |
"{8769FAD8-CB56-4F3B-8269-A937A2E5FA4B}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\dead space\dead space.exe |
"{882E25FF-89B3-4247-AE5F-1B64F34805A3}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mafia\setup.exe |
"{88BC50CC-599A-4B3F-84D8-BCA5C3E6DE57}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{88CD7290-7865-4186-B281-19E5DA6B7419}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 2\cod2mp_s.exe |
"{88E87D4D-D368-485A-86EC-496F33617840}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\battlefield 2\bf2.exe |
"{891D73E8-ABDF-41A1-B692-A9B0F5008581}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\cryostasis\cryostasis.exe |
"{89B3D4B2-B7D1-41B2-A5DA-116A024BF377}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\codsp.exe |
"{8A0302AE-DD50-45D8-97DB-99D5ABCD8FA4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{8AFAD614-22FD-47D9-9972-3BDCB1A9A850}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{8B61FF65-962F-4D03-8F3D-291A090F5743}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\lume\lume.exe |
"{8BC53D57-8D0E-47E8-947F-399946317E89}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{8BDAE57C-76E0-46F9-93AE-A23BCBF2FE66}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{8BFC15E4-8B52-4652-BF7A-446369162A76}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{8C13B870-067A-41F5-993C-38A9E5F8881B}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\dota 2 beta\dota.exe |
"{8CACA564-4E6C-4F47-8E8D-386E8772295D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (excursion funnels)\smp.exe |
"{8E3FFEB8-7C46-4522-82A4-CC90E75C05B6}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{8E7BD32B-051D-452D-ACD8-EA1499B848BA}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\cryostasis\cryostasis.exe |
"{8F4745E7-8F49-42B5-8B4D-37791AE96481}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 3 destination berlin\commandos3.exe |
"{8FA64F2B-251C-4CB2-8B15-3773BE7E05EF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\osmos\osmos.exe |
"{8FD8FAC6-9411-465E-A24E-FAC15AD32812}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{9057900B-0C47-4FD1-9460-154261F763E1}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\risen 2\system\risen2.exe |
"{907CCF6E-CA6E-4BB3-A406-EB48A3FB04BA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\half-life\hl.exe |
"{91B71C8E-EAC2-4A36-B5DF-9B055A399F12}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\wolfenstein trailer hd\smp.exe |
"{922F2337-B802-477C-896B-3600B0DCAF77}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\alien swarm\swarm.exe |
"{92546F22-17B9-428B-BDAF-D068ABA5A9D8}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{925ACBAC-AA40-41CB-8ED4-642D3A5497C5}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{92B3A65C-4425-4615-8695-8FCCC38E3CE4}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\lume\lume.exe |
"{937AD529-A01D-4FBC-8354-1A90EA2C0B41}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\dead space\dead space.exe |
"{939D62C9-518B-4AB9-8B08-F7C83574F319}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{946AAFEB-C14C-46BB-B372-769FDBD66765}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{955CBD2F-EEEA-4D76-9635-F0B1B3FB751F}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\magicka\magicka.exe |
"{95DC4576-5F08-4713-A02B-6F2F6E89AB3A}" = protocol=17 | dir=in | app=e:\zdata\origin\battlefield 4 beta\bf4.exe |
"{96A62748-5AE6-417F-92C3-A48CE1F23A31}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{9705F862-302B-4076-807F-BFA8792C3338}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\z0ny\half-life source\hl2.exe |
"{97F7C1C6-B6C7-4B11-A4DC-38F8D9BD5887}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil operation raccoon city\raccooncity.exe |
"{992F8B2B-5D9B-4738-B6AB-3C99D12FE532}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\botanicula\botanicula.exe |
"{99DAB5A0-AD2F-4AD8-A542-8853C80AB310}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{9A3FDF3C-76CF-405A-8296-EB127F867728}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{9AFD5A2B-1A24-4FF5-9B00-B6A05EE0FD67}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\crysis\bin32\crysis.exe |
"{9B7EB6BA-1A8C-40C7-9C7F-B176051011CA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{9C118CDF-84DF-42E4-BA67-4830198E28C6}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{9D6B9B3E-D344-4E54-958E-97072A6A1FE0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{9D92A741-C6D2-4B5D-B8C7-84A4D8854A5A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\alien swarm\swarm.exe |
"{9E58DDAA-6AF6-4468-BAD3-A291A088F08C}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{9E75101E-D7F7-4DAA-9BB0-67FDB8A06CE2}" = protocol=6 | dir=in | app=e:\zdata\origin\battlefield 3\bf3.exe |
"{9F5248B6-3780-4AD4-9754-B781D3AC3E76}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\cryostasis\cryostasis.exe |
"{9F876475-882F-48CA-9DF1-F0723819780E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A0307A8C-94C1-4320-8CC3-1FDBD1BC2695}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\arma 2 free\arma2free.exe |
"{A03B727A-22CE-47E7-9A7F-1E4CD4C3187D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"{A0DD9F3B-B8F1-4780-A970-19F9C5FD6547}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{A143F56E-DDC1-43B2-AC8D-170B6B892109}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\metro 2033\metro2033.exe |
"{A22B27AF-2E06-4766-9650-92E818B37012}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{A3AD9073-5B1B-442B-A111-7901B1EC7004}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{A44E7C00-B5FD-4F1A-BFEB-F3C04BF9F75D}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{A558B16D-CF10-462C-AF84-31C1CFBD3F15}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 3 destination berlin\readme.rtf |
"{A56D4693-43FA-48C1-9343-C33A8A50DFA7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A5CF9908-BD44-425E-9B5C-EF65132563F9}" = protocol=58 | dir=in | app=system |
"{A6AF6C87-AEA6-4072-855A-FDFA5E7BC027}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{A76CA3C0-9642-448C-9681-761619782FD0}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 2 men of courage\readme.rtf |
"{A76E00D1-85BE-4B1F-99A4-29C7E6DD0755}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{A7A346E8-B62E-4810-90A4-F219FFF3E8A3}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\fallout new vegas enplczru\falloutnvlauncher.exe |
"{A866A370-5979-4A42-9201-89A0F6CC9B61}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{A8BDE348-37F0-49F3-A178-271F99A6EB5F}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\solar 2\solar2.exe |
"{A9159CB9-F5FA-4EBC-9340-1FFFBB61B647}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\trackmania united\tmforeverlauncher.exe |
"{A93BFB5D-0F44-4C64-8A46-BBA3B8AECEFD}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\saints row 2\sr2_pc.exe |
"{A94DB89F-38B8-42A0-81E0-4E453EC4E09B}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\alien swarm\srcds.exe |
"{A98BC200-E5A8-4794-A40A-23FB1F92CF37}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{AA044112-A265-4D49-985B-5FA9E7230B1C}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos beyond the call of duty\coman_mp.exe |
"{AA3730B9-D56D-4DCB-BD9C-E12D9A910007}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{AB550BAE-84F4-4236-95AF-DD1B8E4A37CA}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{AB9DD728-6AC2-45EE-B4C3-0850286099D5}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\codmp.exe |
"{AC64799A-9AA5-4D1D-848D-CC71F262F239}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{AD40281C-F28B-4E64-BF36-CED51FF0AA31}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{AD6CFA95-2312-4DFA-9B92-7AEE482743B0}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\max payne\maxpayne.exe |
"{ADC1674A-6604-47BB-AA51-A3F9B51492BA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{AE772206-3AEA-46CC-9643-4FEA19C23789}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{AF7B2CF2-2000-445C-BAD8-4A21BA5A378A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{B1E4DC5F-1DC5-4A6C-8FE5-8FABBD53A571}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp.exe |
"{B20E012C-A5DC-478D-A0C1-232354A80C6E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\fallout new vegas enplczru\falloutnvlauncher.exe |
"{B2AA74B2-B535-4579-BDFA-BE2794501C92}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 5\launcher.exe |
"{B3492621-762E-42CB-ACEB-EE541E74AACF}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{B3AF2774-41CD-4240-ADE0-8DD90237BC2C}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\shelter\shelter.exe |
"{B4CBB711-E02C-4FC7-8231-F88EEFFCEF6B}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\microsoft flight\flight.exe |
"{B5DC639D-228C-4CEF-865C-CBC7123DB74E}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{B656FE1D-2A32-485E-87DD-04B9B74BA4F2}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{B66F9ADA-71BE-4ECA-9C72-B7B598140791}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{B6CF978F-CE90-4125-A5B1-7C10EDE2E315}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{B71077CC-534D-4741-9EEC-4B6FB529697A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B72EDBEE-3567-4007-B8E4-660DDD9EFC5D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{B77A0254-AB19-43C9-95C1-75EF00D970BF}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{B7D6E893-DC98-4295-99C2-184F469BC781}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{B7F3C237-AFD5-4C37-A404-488FF08C33D9}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\railworks\railworks.exe |
"{B8E397C3-4ABA-408D-A775-B846337884B1}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{BCC4578A-1132-4C0F-A937-8B0029AD7E70}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos behind enemy lines\readme.doc |
"{BD03A37B-F93A-4615-9396-70DB0D36BD3F}" = protocol=6 | dir=in | app=e:\zdata\origin\battlefield 4 beta\bf4.exe |
"{BD187ABF-6838-4BBC-AD13-4DF68CAB9102}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{BD25DD4D-96CE-4E86-9D25-D55505641236}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\peggle deluxe\peggle.exe |
"{BE41F98E-EEA7-41D0-84D1-BE877170DD6F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\arma 2 free\arma2free.exe |
"{BEDCDBAF-AA01-4DF3-B853-27BB5C77B968}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\eufloria\eufloria.exe |
"{C0217188-696D-4251-95B8-244F6D44AC28}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\wolfenstein trailer hd\smp.exe |
"{C02C8031-1B98-4CAA-BF7A-6D96DF7E8E05}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\alien swarm\swarm.exe |
"{C14D2A18-BAE8-4BF9-8152-F7DC644DDF57}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\metro 2033\metro2033.exe |
"{C1B1032C-DD7F-4B38-A4E3-F9335513E4C5}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{C39EA2CA-80CE-46F6-889A-5AC0D137FEE5}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{C46749BA-FDA9-4B7A-A398-F5B6FDBF1500}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{C49926A4-02E7-4145-9884-4858E76F89AE}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\dogfighter\bin\x86_vc8\dogfightersteam.exe |
"{C4E48C90-1477-4D26-8F25-1F890A0EB029}" = protocol=17 | dir=in | app=c:\hry\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{C52599F3-C8C4-418B-8C45-80F11C66AD1C}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{C544D938-383E-4B43-902F-17A6BEC32CA8}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\max payne\maxpayne.exe |
"{C5620B50-BF6A-40CF-B4EE-B60CE634DEF7}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{C5649043-DA58-4E8F-A794-F67DC760697C}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{C6BD1B75-5F49-407F-879D-1CAB4F819086}" = protocol=6 | dir=in | app=e:\zdata\origin\simcity\simcity\simcity.exe |
"{C6EF97F9-5029-4D34-B22D-648FE68BB86D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\world in conflict\wic.exe |
"{C71AABE1-3063-43E6-B4D8-2CDB69169B54}" = protocol=17 | dir=in | app=e:\zdata\origin\simcity\simcity\simcity.exe |
"{C7DD53EA-2741-4487-9A16-43E571FD1023}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\command and conquer red alert 3 uprising\ra3ep1.exe |
"{C8BAC19C-C991-4333-8550-20DC01B3ACFB}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\splinter cell\system\splintercell.exe |
"{CC488243-9E77-4964-8FCB-A2E720C97779}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{CC617848-F935-4F4A-A3C0-14E00358B233}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{CC67406D-03AD-483A-8F41-C1F72676D890}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\farcry\bin32\farcry.exe |
"{CCBA3E4F-B220-42D4-A5F9-2EAEFED7AC69}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{CD9545BF-6D2A-4866-AFCC-856470B1721A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{CF70912A-7A81-4CD5-975F-73CA95674F82}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\need for speed hot pursuit\nfs11.exe |
"{D080C2FB-6332-4EDD-86F1-87675DE63ED9}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\splintercell chaos theory\system\splintercell3.exe |
"{D10DAB15-8DC8-46B5-AC3A-6908C8DA7DF0}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\peggle deluxe\peggle.exe |
"{D148F368-A231-4B22-AEF1-B02A60AACC6E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\another world\anowor.exe |
"{D1ACFD27-14F9-4082-838F-9FC8CF598661}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\doom 3\doom3.exe |
"{D21104EF-B938-42B4-82A6-A601494C3C5D}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\magicka\magicka.exe |
"{D28E744F-A85D-4E0B-A70A-8DF4A6285881}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\metro 2033\metro2033.exe |
"{D28EDA66-C4F7-46EE-8A2A-C671110A1B7F}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\coduosp.exe |
"{D305AC98-6620-4351-B09A-175C08C3416A}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\quake 3 arena\quake3.exe |
"{D33174F4-7A2E-4E10-923D-000E93D6BCF4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\osmos\osmos.exe |
"{D3B6FF15-98BB-41FA-965F-F05F47562755}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2\portal2.exe |
"{D3B9CF7D-60FC-40B4-A6AE-255E678F2475}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{D4707E95-4E95-4094-996D-2D43BBB8ECC3}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (faith plates)\smp.exe |
"{D608D406-B14D-4394-A2C8-7A1B4313E7E0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{D65D9E38-DD82-4905-B12D-6A23833D856D}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\codmp.exe |
"{D69F8D26-3C03-4377-9918-CA96023087B8}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\star trek online\star trek online.exe |
"{D7D91780-0641-4BBA-BE13-E14FF0DFB487}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\coduomp.exe |
"{D8AE4DBD-692D-4988-AB1E-242E3945039D}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\half-life 2\hl2.exe |
"{D9CAC426-9B04-4664-9741-30D43D68AEE4}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{DAB5740E-07DB-4354-85B3-48C0B3B4B119}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
"{DBAC4C43-B5FF-4D55-A065-AFF0F8FB3669}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\max payne\maxpayne.exe |
"{DC4DB3DC-E54A-429B-85CD-1FAF66098C92}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\resident evil 6 benchmark tool\re6.exe |
"{DC9E9730-2BF7-4164-A7D4-972F2D07C84E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 teaser\smp.exe |
"{DD158AEF-AA1C-4A0B-A600-895DEF8A034A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\coduomp.exe |
"{DD7AC20C-2C63-47DC-B214-7F439D15292D}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\peggle nights\pegglenights.exe |
"{DDFFF98B-C9E7-43FB-85BB-2E4E63C61DDB}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{DE74B00C-4712-4A46-8DC9-FF2B1424195E}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{DEA38313-5C42-4D88-BC78-E5A3D2B27F23}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E01126AB-C33C-464D-92E4-4AF916F39730}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\saints row the third\game_launcher.exe |
"{E02DFDEF-290C-40EC-9608-D95B2864D76E}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\call of duty\coduomp.exe |
"{E1271EDF-1A4D-4C75-8CB3-54172732C3BA}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{E239F4A5-D9FA-4642-A817-7C4F973BBCD1}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{E297E902-A425-4BF4-9447-3F1FF0A6FFF5}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\command and conquer red alert 3 uprising\support\ea help\electronic_arts_technical_support.htm |
"{E2D4CE5C-BE82-4705-A231-BACF996D5C90}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{E2ECE838-9FAB-44A3-8AD5-BDD4A4F4A747}" = protocol=17 | dir=in | app=e:\zdata\origin\battlefield 3 open beta\bf3.exe |
"{E357583A-12C0-46D5-AB36-DB62B3F33779}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 2\cod2mp_s.exe |
"{E411FE30-A212-4D55-B2C3-452711FF3E4A}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{E4626F3F-9293-4833-AF3A-B0C1C248246E}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\quake 3 arena\quake3.exe |
"{E473A87B-0972-4593-9C30-78559D7D16E8}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{E4A6F632-D695-41A5-9AD4-6C4C635CD31F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{E4DA4BBE-D372-43F1-B169-7E3BBC30A182}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{E52285EE-2971-4B26-A256-F0E9DEFA9313}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{E6761E08-3FE8-4F8F-B344-747FB522FED3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E6AE81BB-48E5-4AC6-BEA3-57CAE8C8E831}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\peggle nights\pegglenights.exe |
"{E6BE3014-4C1F-4133-9DE0-F66A2176FDD4}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{E6EAA2BB-E025-4E4C-A15E-02736E8D1F1D}" = protocol=6 | dir=in | app=e:\zdata\origin\medal of honor warfighter\mohw.exe |
"{E88276A7-6891-4CA0-B357-A6200C2B24A0}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{E9FC74DB-36A1-4A75-A18D-6FB5A27B7256}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\mafia\setup.exe |
"{EA37789C-39CE-471E-921D-55C421F7D910}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{EA43FBA4-BD12-4B1B-B2C5-C3E824ACE175}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{EA9A511E-D05A-4150-AD8B-3BDB17313571}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{EB064B06-E358-4A72-968D-A5E9A2C259C9}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\railworks\railworks.exe |
"{EBEE1F34-19A3-4400-9C3D-9AC038F906BF}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\defcon\defcon.exe |
"{EC50EEEF-0CCE-469E-9BF8-71F7824EFBA5}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe |
"{ECB19EAD-5E93-4D9B-A788-F82AE7B47F03}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\portal 2 e3 demo (bounce)\smp.exe |
"{ECFD62BD-A31F-4BD2-8DDD-602FEAF92468}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\max payne 3\max payne 3\maxpayne3.exe |
"{ED169038-1845-4EE7-BF79-E09860302B02}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\max payne 2 the fall of max payne\maxpayne2.exe |
"{ED3A3AFF-0122-4F15-9E71-8D92A52CB177}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{EE08B93A-9915-4F95-9380-3AAE32ED7C87}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{EF3FA03B-67AC-4758-96E5-46D329DA89DB}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\farcry\bin32\farcryconfigurator.exe |
"{EF66C154-F6A4-4FCF-915D-B8581F2766E7}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\eufloria\eufloria.exe |
"{EFBA93BA-1E37-4FBC-8A68-BCFB45942769}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\solsurvivor\solsurvivor.exe |
"{EFF00059-3343-4669-9F51-4546275F5E2A}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{F0336FA6-143D-44E0-91A8-A6C10935FF4F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{F0687206-5C95-4C7F-ACFA-C0C5FCDE606B}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{F180D8CC-3B5C-4C1F-9318-D57CA1C30853}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{F2A67FC0-4B6A-475A-AC87-04853490F776}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos beyond the call of duty\tutorial.exe |
"{F2E0B8D3-EC06-4F86-B228-4C88F13C8813}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\left 4 dead\left4dead.exe |
"{F4A2E0D4-890D-41D5-BE1D-11360926F750}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{F5244DE9-6BBE-4777-801D-6559E9954C34}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\commandos beyond the call of duty\coman_mp.exe |
"{F5ECF736-2774-4E02-8888-F43A9B7ACBED}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\dota 2 beta\dota.exe |
"{F5FED7D9-1C73-4CB1-975B-A55CF9203218}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\star trek online\star trek online.exe |
"{F6DE5252-EF96-4323-A186-3C29D767E62B}" = protocol=6 | dir=in | app=c:\hry\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{F7F91355-898A-43DE-BE14-01D32A3112F7}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\battlefield 2\support\ea help\electronic_arts_technical_support.htm |
"{F88E83B9-EDCC-4EDF-AECF-8445B6512AA1}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty\coduosp.exe |
"{F89A39DB-6CA8-43FE-91CC-BDE88294FC28}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\trackmania united\tmforever.exe |
"{F9F6FE15-75B3-4AEC-A288-3FC79FC1A1D9}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{FA91A36E-7893-46A8-BC4C-6FCA62C0E874}" = protocol=6 | dir=in | app=e:\zdata\origin\battlefield 4 alphatrial\bf4.exe |
"{FCDC53B1-5689-4899-BF67-A6FB16B77EA2}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{FE07BFB6-2955-4331-A894-02BAC33A6539}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\alien swarm\srcds.exe |
"{FE131EFD-C50B-4F38-8B10-E05010686A46}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\dota 2 beta\dota.exe |
"{FE50972D-43C7-4FAC-80F7-461774EB7960}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\splintercell chaos theory\system\splintercell3.exe |
"{FEF9F2BF-C10E-418A-B22E-D8BE1CA1AF3F}" = protocol=6 | dir=in | app=e:\zdata\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{FF828F7E-E324-44D3-9642-6B9195EED6A3}" = protocol=17 | dir=in | app=e:\zdata\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"TCP Query User{53825B94-A1B5-4068-B022-95D4B80CE24A}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{C6196050-7DA6-4ABB-B230-02807131F579}C:\program files (x86)\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget\flashget.exe |
"UDP Query User{56BBEEB3-C63F-4B74-B898-17574473E659}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"UDP Query User{E7C7AF83-F0AF-4ECB-A324-5C409B07F935}C:\program files (x86)\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget\flashget.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC5
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416033FF}" = Java(TM) 6 Update 33 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{59A771CB-592A-4E44-AF5D-A6CD5C768755}" = Slik Subversion 1.8.3.1 (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160330}" = Java(TM) SE Development Kit 6 Update 33 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}" = Desktop Restore
"{9F313496-82E8-4A99-9D4C-311531023746}" = TortoiseSVN 1.6.7.18415 (64 bit)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"LameACM" = Lame ACM MP3 Codec
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"OpenSSL Light (64-bit)_is1" = OpenSSL 1.0.0 Light (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WhoCrashed_is1" = WhoCrashed 2.10

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1040143F-FEFB-4B90-8E51-E47D40E14C4E}" = Medal of Honor™ Warfighter
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D67C0F6-F3DD-477F-842F-133D3B679626}_is1" = DogFighter_Launcher version 1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD Advisor 2.0
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{476CD9DE-C45F-4443-BFA7-E51C58B7E455}" = Populous
"{4C556B5C-8EF7-47B4-AE05-FE71EEB2C25B}" = Plus Pack for Acronis True Image Home 2010
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper verze 3.2.0
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{706AE61D-40A4-4F50-8359-FE8F6F7FA461}" = Acronis Drive Monitor
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Luxusní bydlení – Kolekce
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1" = H.264 Encoder 1.5
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D4830EE9-E795-4CCA-AA7A-612A4E565977}" = SnapAPI
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"AMIP" = AMIP (remove only)
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Battlelog Web Plugins" = Battlelog Web Plugins
"BSPlayerf" = BS.Player FREE
"Commandos II" = Commandos II
"Diablo III" = Diablo III
"Direct Registry Browser_is1" = Direct Registry Browser version 1.0
"Emperor" = Emperor: Battle For Dune
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"FlashGet" = FlashGet 1.9.6.1073
"foobar2000" = foobar2000 v1.1.15
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LameACM" = Lame ACM MP3 Codec
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Miranda IM" = Miranda IM 0.8.16
"mIRC" = mIRC
"Mozilla Thunderbird 24.2.0 (x86 cs)" = Mozilla Thunderbird 24.2.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NetMeter_is1" = NetMeter 1.1.4 BETA
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.1_rc19
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RubyMine 5.4.3.2.1" = JetBrains RubyMine 5.4.3.2.1
"S2TNG" = The Settlers II - 10th Anniversary
"Scorpions WinCheater 2.07 (pouze program)_is1" = Scorpions WinCheater
"SH2K" = Shai-Hulud 2000 (remove only)
"ST5UNST #1" = MED2k
"Steam App 10090" = Call of Duty: World at War
"Steam App 104000" = iBomber Defense
"Steam App 105100" = Lume
"Steam App 10680" = Aliens vs. Predator
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 12100" = Grand Theft Auto III
"Steam App 12110" = Grand Theft Auto: Vice City
"Steam App 12120" = Grand Theft Auto: San Andreas
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 12900" = Audiosurf
"Steam App 130" = Half-Life: Blue Shift
"Steam App 13520" = Far Cry
"Steam App 13560" = Tom Clancy's Splinter Cell
"Steam App 13570" = Tom Clancy's Splinter Cell: Chaos Theory
"Steam App 13580" = Tom Clancy's Splinter Cell: Double Agent
"Steam App 1520" = DEFCON
"Steam App 17410" = Mirror's Edge
"Steam App 17460" = Mass Effect
"Steam App 17470" = Dead Space
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 19000" = Silent Hill: Homecoming
"Steam App 19900" = Far Cry 2
"Steam App 200260" = Batman: Arkham City GOTY
"Steam App 200710" = Torchlight II
"Steam App 204100" = Max Payne 3
"Steam App 20510" = S.T.A.L.K.E.R.: Clear Sky
"Steam App 207690" = Botanicula
"Steam App 209100" = Resident Evil™: Operation Raccoon City
"Steam App 209109" = Resident Evil Operation Raccoon City Preorder
"Steam App 21690" = Resident Evil 5
"Steam App 221040" = RESIDENT EVIL 6 / BIOHAZARD 6
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 22490" = Fallout: New Vegas
"Steam App 225640" = Sacred 2 Gold
"Steam App 22600" = Worms Reloaded
"Steam App 229950" = Resident Evil 6 Benchmark Tool
"Steam App 233550" = Another World
"Steam App 24010" = Train Simulator 2012
"Steam App 244710" = Shelter
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 24800" = Command and Conquer: Red Alert 3 - Uprising
"Steam App 24980" = Mass Effect 2
"Steam App 2620" = Call of Duty
"Steam App 2640" = Call of Duty: United Offensive
"Steam App 26500" = Cogs
"Steam App 2760" = Neverwinter Nights 2: Platinum
"Steam App 280" = Half-Life: Source
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 4000" = Garry's Mod
"Steam App 40390" = Risen 2 - Dark Waters
"Steam App 40700" = Machinarium
"Steam App 40990" = Mafia
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 41210" = Eufloria
"Steam App 41700" = S.T.A.L.K.E.R.: Call of Pripyat
"Steam App 41800" = Gratuitous Space Battles
"Steam App 42500" = DogFighter
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 43160" = Metro: Last Light
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 45000" = Sol Survivor
"Steam App 47790" = Medal of Honor(TM) Single Player
"Steam App 47870" = Need for Speed: Hot Pursuit
"Steam App 48000" = LIMBO
"Steam App 49520" = Borderlands 2
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 57419" = Batman: Arkham City
"Steam App 630" = Alien Swarm
"Steam App 63700" = BIT.TRIP BEAT
"Steam App 6830" = Commandos 2: Men of Courage
"Steam App 6840" = Commandos 3: Destination Berlin
"Steam App 70" = Half-Life
"Steam App 7200" = TrackMania United
"Steam App 72200" = Universe Sandbox
"Steam App 7670" = BioShock
"Steam App 7850" = Cryostasis
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Steam App 8190" = Just Cause 2
"Steam App 9480" = Saints Row 2
"Steam App 97000" = Solar 2
"Steam App 98200" = Frozen Synapse
"Steam App 9900" = Star Trek Online
"TrueCrypt" = TrueCrypt
"VentriloMIX" = VentriloMIX
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"x264vfw64" = x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
"XnView_is1" = XnView 2.04

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1" = Ruby 1.9.3-p448
"101a9f93b8f0bb6f" = Curse Client
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.1.2014 7:53:52 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 3.1.2014 9:51:05 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.1.2014 10:11:34 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 5.1.2014 10:47:16 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 7.1.2014 15:35:07 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 8.1.2014 19:30:04 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 9.1.2014 6:27:44 | Computer Name = z0ny-PC | Source = Windows Search Service | ID = 3006
Description =

Error - 9.1.2014 6:27:44 | Computer Name = z0ny-PC | Source = Windows Search Service | ID = 3007
Description =

Error - 9.1.2014 6:27:45 | Computer Name = z0ny-PC | Source = Windows Search Service | ID = 10021
Description =

Error - 10.1.2014 6:07:38 | Computer Name = z0ny-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acronis\TrueImageHome\BartPE\Files\TrueImage.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 13.12.2013 17:30:58 | Computer Name = z0ny-PC | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 13.12.2013 17:31:12 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7023
Description = Služba AMD External Events Utility .NET. byla ukončena s následující
chybou: %%126

Error - 13.12.2013 17:31:13 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ArcSec

Error - 13.12.2013 17:33:14 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 13.12.2013 17:33:14 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 9.1.2014 6:27:03 | Computer Name = z0ny-PC | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 9.1.2014 6:27:08 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7023
Description = Služba AMD External Events Utility .NET. byla ukončena s následující
chybou: %%126

Error - 9.1.2014 6:27:09 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: ArcSec

Error - 9.1.2014 6:29:10 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 9.1.2014 6:29:10 | Computer Name = z0ny-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 13:29
od z0ny
Jen pro info dodám:
- jednotky D I U Z jsou síťové jednotky
- některé steam složky mají vytvořené symbolické linky do E:/zData/Steam (kvůli mistu)
- složka c:\Hry\Origin\ má vytvořený symbolický link na E:/zData/Origin (kvůli mistu)

A u prvního příspěvku jsem nechtěně zaškrtnul nepoužívat BBCode a nemohu to už editovat, tak se omlouvám

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 13:32
od Márty84
Ten prvni log ale neni cely. Okopiroval jste tam ten text, jak bylo v navodu?

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 13:52
od z0ny
Márty84 píše:Ten prvni log ale neni cely. Okopiroval jste tam ten text, jak bylo v navodu?
http://server.z0ny.net/OTL.Txt tj ten vygenerovany otl.txt
Nicmene tyhle logy jsou az z druheho pokusu, pri prvnim pokusu to po nejake dobe napsalo ze to nemuze vytvorit nejaky .bat soubor na plose a program nic nedelal (~7 minut ukazoval to stejne), mozna to muze byt ten problem, jinak na druhy pokus vse dojelo az do konce a vygenerovalo logy

EDIT: aha je mozne ze v druhem pokusu jsem an to zapomel, pustim to znova pro jistotu

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 14:20
od Márty84
Kdyby zase vypsal chybu, pouzijte tento upraveny skript.

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

A log pak zkopirujte sem.

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 15:12
od z0ny
Predchozi script hodil chybu viz. http://server.z0ny.net/chyba.png, tak jsem pouzil ten druhy a ten vypsal tento OTL.txt log

OTL logfile created on: 12.1.2014 14:42:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\z0ny\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

12,00 Gb Total Physical Memory | 8,92 Gb Available Physical Memory | 74,36% Memory free
12,00 Gb Paging File | 8,73 Gb Available in Paging File | 72,81% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 30,64 Gb Free Space | 27,43% Space Free | Partition Type: NTFS
Drive D: | 293,19 Gb Total Space | 237,34 Gb Free Space | 80,95% Space Free | Partition Type: NTFS
Drive E: | 1862,77 Gb Total Space | 1249,11 Gb Free Space | 67,06% Space Free | Partition Type: NTFS
Drive F: | 517,12 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 5544,63 Gb Total Space | 736,95 Gb Free Space | 13,29% Space Free | Partition Type: NTFS
Drive U: | 923,13 Gb Total Space | 880,09 Gb Free Space | 95,34% Space Free | Partition Type: NTFS
Drive Z: | 931,51 Gb Total Space | 573,11 Gb Free Space | 61,52% Space Free | Partition Type: NTFS

Computer Name: Z0NY-PC | User Name: z0ny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
PRC - [2014.01.07 22:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Hry\Steam\Steam.exe
PRC - [2013.12.06 09:21:13 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.23 16:26:30 | 003,298,864 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files (x86)\mIRC\mirc.exe
PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.14 12:14:54 | 001,771,008 | ---- | M] (Peter Pawlowski) -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2012.01.15 03:58:30 | 004,431,328 | ---- | M] (Thorvald Natvig) -- C:\Program Files (x86)\Mumble\mumble.exe
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.03.07 22:10:09 | 001,415,632 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
PRC - [2010.03.04 21:44:06 | 000,696,931 | ---- | M] ( ) -- C:\Program Files (x86)\Miranda IM\miranda32.exe
PRC - [2009.11.12 03:49:16 | 000,361,632 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.11.12 03:48:30 | 005,106,904 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.07 22:00:22 | 001,138,088 | ---- | M] () -- C:\Hry\Steam\bin\chromehtml.dll
MOD - [2014.01.07 22:00:22 | 000,121,256 | ---- | M] () -- C:\Hry\Steam\bin\audio.dll
MOD - [2013.12.12 23:19:40 | 000,142,848 | ---- | M] () -- C:\Hry\Steam\libavresample-1.dll
MOD - [2013.12.12 23:19:08 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.12.12 23:04:18 | 020,625,832 | ---- | M] () -- C:\Hry\Steam\bin\libcef.dll
MOD - [2013.12.12 23:04:14 | 000,716,800 | ---- | M] () -- C:\Hry\Steam\SDL2.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013.12.04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013.11.05 02:12:06 | 000,890,592 | ---- | M] () -- C:\Hry\Steam\libavutil-52.dll
MOD - [2013.09.14 14:02:42 | 000,031,752 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\l4d2.dll
MOD - [2013.09.14 14:02:42 | 000,022,536 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\borderlands2.dll
MOD - [2013.09.14 14:02:42 | 000,019,976 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\sr.dll
MOD - [2013.07.09 21:19:21 | 000,022,024 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cs.dll
MOD - [2013.07.04 19:45:05 | 000,023,560 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\borderlands.dll
MOD - [2013.07.02 23:12:15 | 000,037,384 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\insurgency.dll
MOD - [2013.07.02 23:12:15 | 000,022,536 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\etqw.dll
MOD - [2013.07.02 23:12:15 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut2004.dll
MOD - [2013.07.02 23:12:14 | 000,037,384 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\gmod.dll
MOD - [2013.07.02 23:12:14 | 000,021,000 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\gtaiv.dll
MOD - [2013.07.02 23:12:14 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\breach.dll
MOD - [2013.06.30 13:04:03 | 000,024,584 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wolfet.dll
MOD - [2013.06.30 13:04:03 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bfbc2.dll
MOD - [2013.06.30 13:04:03 | 000,016,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\tf2.dll
MOD - [2013.06.19 18:10:42 | 000,032,264 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut99.dll
MOD - [2013.06.19 18:10:42 | 000,022,536 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\l4d.dll
MOD - [2013.06.19 18:10:42 | 000,018,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\link.dll
MOD - [2013.06.19 18:10:41 | 000,038,920 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf3.dll
MOD - [2013.06.19 18:10:41 | 000,038,920 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2.dll
MOD - [2013.06.19 18:10:41 | 000,036,872 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\aoc.dll
MOD - [2013.06.19 18:10:41 | 000,022,536 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\gw.dll
MOD - [2013.06.19 18:10:41 | 000,022,024 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\blacklight.dll
MOD - [2013.06.19 18:10:41 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bfheroes.dll
MOD - [2013.06.19 18:10:41 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf1942.dll
MOD - [2013.06.19 18:10:41 | 000,020,488 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\arma2.dll
MOD - [2013.06.15 00:49:16 | 000,153,088 | ---- | M] () -- C:\Hry\Steam\bin\mssvoice.asi
MOD - [2013.06.15 00:49:16 | 000,071,680 | ---- | M] () -- C:\Hry\Steam\bin\mssmp3.asi
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Hry\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Hry\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Hry\Steam\bin\avutil-51.dll
MOD - [2013.06.07 21:31:39 | 000,016,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\hl2dm.dll
MOD - [2013.06.07 21:31:38 | 000,016,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dods.dll
MOD - [2013.06.07 21:31:38 | 000,016,392 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\css.dll
MOD - [2012.09.14 12:13:32 | 001,632,256 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2012.09.14 12:13:32 | 000,359,936 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2012.09.14 12:13:28 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2012.09.14 12:13:10 | 000,915,968 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2012.09.14 12:13:08 | 000,303,616 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2012.09.14 12:12:50 | 000,287,744 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2012.09.14 12:12:44 | 000,491,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2012.09.14 12:11:24 | 000,150,016 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2012.08.26 12:06:33 | 000,023,112 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\lol.dll
MOD - [2012.08.14 20:30:14 | 000,020,552 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\jc2.dll
MOD - [2012.05.01 13:58:53 | 000,037,960 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\dys.dll
MOD - [2012.05.01 13:58:53 | 000,031,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\wow.dll
MOD - [2012.05.01 13:58:53 | 000,023,624 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\sto.dll
MOD - [2012.05.01 13:58:53 | 000,023,624 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod4.dll
MOD - [2012.05.01 13:58:53 | 000,022,600 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\bf2142.dll
MOD - [2012.05.01 13:58:53 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\ut3.dll
MOD - [2012.05.01 13:58:53 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2so.dll
MOD - [2012.05.01 13:58:53 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\codmw2.dll
MOD - [2012.05.01 13:58:53 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod5.dll
MOD - [2012.05.01 13:58:53 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\cod2.dll
MOD - [2012.03.22 14:56:07 | 000,022,600 | ---- | M] () -- C:\Program Files (x86)\Mumble\plugins\lotro.dll
MOD - [2011.02.19 13:47:20 | 000,168,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\speex.dll
MOD - [2011.02.19 13:47:14 | 000,129,192 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2011.02.19 13:47:08 | 000,079,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.7.0.sse2.dll
MOD - [2011.02.19 13:46:56 | 000,094,888 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.11.0.sse2.dll
MOD - [2011.01.10 19:32:04 | 001,070,760 | ---- | M] () -- C:\Program Files (x86)\Mumble\libprotobuf.dll
MOD - [2011.01.10 19:30:54 | 000,042,152 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll
MOD - [2011.01.10 19:30:40 | 000,308,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll
MOD - [2011.01.10 19:30:28 | 000,027,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll
MOD - [2011.01.10 19:30:18 | 000,246,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll
MOD - [2011.01.10 19:30:08 | 000,208,552 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll
MOD - [2011.01.10 19:29:58 | 000,034,472 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll
MOD - [2011.01.10 19:29:48 | 000,032,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll
MOD - [2011.01.10 19:21:10 | 008,223,744 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtGui4.dll
MOD - [2010.12.04 15:47:38 | 000,957,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtNetwork4.dll
MOD - [2010.11.09 21:46:08 | 000,271,360 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSvg4.dll
MOD - [2010.11.09 21:39:20 | 000,691,712 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtOpenGL4.dll
MOD - [2010.11.09 21:24:58 | 000,679,936 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSql4.dll
MOD - [2010.11.09 21:05:58 | 000,342,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtXml4.dll
MOD - [2010.11.09 21:05:46 | 002,343,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtCore4.dll
MOD - [2010.10.04 01:50:48 | 002,259,968 | ---- | M] () -- C:\Program Files (x86)\Mumble\libsndfile-1.dll
MOD - [2010.07.09 07:41:42 | 002,359,296 | ---- | M] () -- C:\Program Files (x86)\Mumble\libmysql.dll
MOD - [2010.04.21 14:03:30 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_seek_box.dll
MOD - [2010.04.21 13:48:00 | 000,066,560 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2010.03.04 21:45:42 | 000,090,215 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\srmm.dll
MOD - [2010.03.04 21:43:32 | 000,052,839 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\zlib.dll
MOD - [2010.03.04 21:43:16 | 000,314,989 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\ICQ.dll
MOD - [2010.03.04 21:43:04 | 000,036,976 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\dbx_mmap.dll
MOD - [2010.03.04 21:42:46 | 000,061,553 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\clist_classic.dll
MOD - [2010.03.04 21:42:44 | 000,213,095 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\chat.dll
MOD - [2010.03.04 21:42:38 | 000,064,613 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\avs.dll
MOD - [2009.09.09 15:28:56 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\zlib1.dll
MOD - [2009.08.10 14:53:54 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Miranda IM\Plugins\stopspam.dll
MOD - [2009.08.09 15:08:02 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\NetMeter\NetMeter.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.16 04:05:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.12 23:19:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.08 20:04:16 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.01 20:52:49 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.03 12:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.11.23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010.03.27 12:03:36 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.11.12 03:50:24 | 000,894,136 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.07.16 10:20:06 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 15:25:44 | 000,023,040 | ---- | M] (Sagatek Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MO3v2Driver.sys -- (SSMO3v2Filter)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.07.04 02:32:36 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.07.04 02:32:36 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.04.27 15:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 15:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 13:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 13:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010.03.27 12:56:05 | 000,267,872 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.03.27 12:03:36 | 000,251,488 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010.03.27 12:03:35 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258)
DRV:64bit: - [2010.03.27 12:03:33 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.03.08 20:03:38 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009.07.16 10:20:26 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.17 17:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.02.13 12:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2005.04.13 22:17:52 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0801.sys -- (tap0801)
DRV - [2010.03.12 20:51:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC A7 18 DD 25 BE CA 01 [binary data]
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes,DefaultScope = {9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..\SearchScopes\{9096CEDD-2C4C-4ACF-86A4-0F8F767074A3}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost
IE - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = server.z0ny.net:3128


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Users\z0ny\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\z0ny\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions
[2010.09.16 21:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\z0ny\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.cz/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Download Helper (Enabled) = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\plugin/download_helper.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Users\z0ny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Bejeweled = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Angry Birds = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: HTTP Headers = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hplfkkmefamockhligfdcfgfnbcdddbg\1.0.0.2_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011.11.15 01:51:22 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (http://www.flashget.com)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (http://www.flashget.com)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [NetMeter] C:\Program Files (x86)\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [Steam] C:\Hry\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000..\Run: [TrueCrypt] C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\z0ny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = C:\Program Files (x86)\Miranda IM\miranda32.exe ( )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-2802937240-2648798408-2496797330-1000\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.227.171.26 46.227.171.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5087D5D-0EA8-4B7D-A9E4-ED3C60E8BF8E}: DhcpNameServer = 46.227.171.26 46.227.171.25
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.16 02:42:34 | 001,201,152 | ---- | M] (ShockingSoft) - E:\AutoClicker.exe -- [ NTFS ]
O32 - AutoRun File - [2006.10.02 13:17:07 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG) - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.10.02 13:17:07 | 000,000,624 | R--- | M] () - F:\autorun.cfg -- [ CDFS ]
O32 - AutoRun File - [2006.10.02 13:19:19 | 000,000,068 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell - "" = AutoRun
O33 - MountPoints2\{6b05e085-32b6-11df-a5fb-00241d1037e4}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{963a5456-1fb7-11e3-8032-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{963a5456-1fb7-11e3-8032-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2006.10.02 13:17:07 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.lameacm - LameACM.acm (http://www.mp3dev.org/)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.TMB0 - File not found
Drivers32:64bit: vidc.x264 - C:\PROGRA~1\X264VF~1\X264VF~1.DLL (x264vfw project)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\LameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (http://www.helixcommunity.org)
Drivers32: VIDC.RTV1 - rtvcvfw32.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.12 13:54:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.08 12:10:44 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2014.01.06 21:31:53 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\BotaniculaSaves
[2014.01.06 21:24:27 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\Another World
[2014.01.04 12:58:25 | 000,000,000 | ---D | C] -- C:\Users\z0ny\AppData\Local\Criterion Games
[2014.01.03 08:31:51 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\SavedGames
[2014.01.03 06:32:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2014.01.03 02:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013.12.16 18:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.12.16 04:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.12.14 02:13:10 | 000,000,000 | ---D | C] -- C:\Users\z0ny\Documents\WB Games
[2013.12.14 02:13:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.12 14:44:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.12 14:26:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job
[2014.01.12 14:26:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.12 14:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.12 12:26:58 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.12 12:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\z0ny\Desktop\OTL.exe
[2014.01.12 12:17:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.12 12:17:16 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2014.01.09 11:34:12 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 11:34:12 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.09 11:33:02 | 001,507,908 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.09 11:33:02 | 000,641,418 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.09 11:33:02 | 000,627,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.09 11:33:02 | 000,130,986 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.09 11:33:02 | 000,113,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.09 11:27:04 | 1072,525,310 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.07 15:11:46 | 000,000,600 | ---- | M] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2014.01.03 06:43:47 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.22 20:34:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.12.22 20:33:57 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.12.16 18:50:17 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.12.13 22:31:11 | 000,277,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.12 14:44:03 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.03 02:20:54 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.12.16 18:50:17 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.10.22 17:08:19 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Roaming\winscp.rnd
[2011.06.13 19:33:43 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.16 02:54:04 | 000,004,508 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp21.html
[2010.08.16 02:40:47 | 000,000,778 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Temp1.html
[2010.06.30 19:23:03 | 000,007,626 | ---- | C] () -- C:\Users\z0ny\AppData\Local\Resmon.ResmonCfg
[2010.03.20 21:05:37 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\AppData\Local\PUTTY.RND
[2010.03.11 15:02:25 | 000,000,600 | ---- | C] () -- C:\Users\z0ny\PUTTY.RND

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010.05.04 19:30:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Subversion
[2014.01.07 15:45:37 | 000,000,000 | -H-D | M] -- C:\Users\z0ny\AppData\Roaming\.minecraft
[2012.01.29 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\.Nitrous
[2010.03.11 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Acronis
[2013.07.31 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Audacity
[2013.08.06 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Battle.net
[2012.10.21 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Bioshock
[2010.03.08 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BITS
[2013.02.23 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Broad Intelligence
[2011.06.06 14:26:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer
[2010.03.08 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer Pro
[2011.09.20 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Cobra Mobile
[2013.04.20 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Curse Advertising
[2011.10.09 01:52:03 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CzDC
[2010.03.09 18:48:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\DAEMON Tools Lite
[2011.09.04 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Feedreader
[2010.03.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\FlashGet
[2014.01.09 13:30:59 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\foobar2000
[2010.03.09 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\GHISLER
[2013.09.08 01:18:20 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Image-Line
[2013.10.06 02:36:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\JetBrains
[2013.11.04 14:53:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KB-ext
[2014.01.08 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2011.04.17 01:24:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Lazy 8 Studios
[2013.07.13 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leadertech
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leawo
[2010.03.09 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mikrotik
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Moyea
[2014.01.12 14:41:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mumble
[2010.03.09 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NetMeter
[2010.03.09 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Notepad++
[2013.08.16 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Origin
[2011.04.03 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Rovio
[2013.07.13 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\SteelSeries
[2010.03.12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Subversion
[2011.07.08 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\System
[2011.01.26 01:16:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Sytexis Software
[2010.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Thunderbird
[2010.03.07 22:27:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TrueCrypt
[2013.07.21 00:51:41 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TS3Client
[2013.05.22 20:07:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Wargaming.net
[2010.03.18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Western Digital
[2011.07.08 18:53:16 | 000,000,000 | -HSD | M] -- C:\Users\z0ny\AppData\Roaming\wyUpdate AU
[2013.08.18 01:32:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XnView
[2010.07.24 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XRay Engine

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,620 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.09.16 20:58:02 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2010.09.16 20:58:03 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job
[2012.04.15 12:44:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.22 17:32:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.22 17:32:43 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.07 15:45:37 | 000,000,000 | -H-D | M] -- C:\Users\z0ny\AppData\Roaming\.minecraft
[2012.01.29 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\.Nitrous
[2010.03.11 14:10:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Acronis
[2012.08.26 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Adobe
[2011.06.13 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\ArcSoft
[2013.07.31 22:26:27 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Audacity
[2013.08.06 22:52:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Battle.net
[2012.10.21 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Bioshock
[2010.03.08 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BITS
[2013.02.23 19:24:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Broad Intelligence
[2011.06.06 14:26:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer
[2010.03.08 20:26:34 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\BSplayer Pro
[2011.09.20 18:17:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Cobra Mobile
[2013.04.20 14:34:42 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Curse Advertising
[2011.06.13 18:32:46 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CyberLink
[2011.10.09 01:52:03 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\CzDC
[2010.03.09 18:48:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\DAEMON Tools Lite
[2011.09.04 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Feedreader
[2010.03.09 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\FlashGet
[2014.01.09 13:30:59 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\foobar2000
[2010.03.09 18:48:55 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\GHISLER
[2010.03.07 19:22:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Identities
[2013.09.08 01:18:20 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Image-Line
[2010.03.07 19:26:16 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\InstallShield
[2013.10.06 02:36:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\JetBrains
[2013.11.04 14:53:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KB-ext
[2014.01.08 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\KeePassX
[2011.04.17 01:24:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Lazy 8 Studios
[2013.07.13 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leadertech
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Leawo
[2013.07.13 11:23:51 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Logishrd
[2013.07.13 11:23:51 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Logitech
[2010.03.07 21:42:29 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Media Center Programs
[2012.08.26 20:15:58 | 000,000,000 | --SD | M] -- C:\Users\z0ny\AppData\Roaming\Microsoft
[2010.08.01 14:47:45 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Microsoft Corporation
[2010.03.09 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mikrotik
[2014.01.12 12:19:09 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\mIRC
[2010.11.06 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Moyea
[2010.09.16 21:45:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mozilla
[2014.01.12 14:41:23 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Mumble
[2010.03.09 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NetMeter
[2010.03.09 19:24:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Notepad++
[2011.09.28 03:59:08 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\NVIDIA
[2013.08.16 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Origin
[2011.04.03 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Rovio
[2010.03.13 01:22:06 | 000,000,000 | RH-D | M] -- C:\Users\z0ny\AppData\Roaming\SecuROM
[2013.09.11 22:30:21 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Skype
[2013.07.13 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\SteelSeries
[2010.03.12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Subversion
[2011.07.08 18:16:01 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\System
[2011.01.26 01:16:15 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Sytexis Software
[2010.03.09 18:51:29 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\teamspeak2
[2010.03.09 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Thunderbird
[2010.08.03 14:56:04 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TortoiseSVN
[2010.03.07 22:27:30 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TrueCrypt
[2013.07.21 00:51:41 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\TS3Client
[2010.03.09 18:51:48 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Ventrilo
[2011.11.20 19:38:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\VMware
[2013.05.22 20:07:05 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Wargaming.net
[2010.03.18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\Western Digital
[2011.07.08 18:53:16 | 000,000,000 | -HSD | M] -- C:\Users\z0ny\AppData\Roaming\wyUpdate AU
[2013.08.18 01:32:52 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XnView
[2010.07.24 01:00:37 | 000,000,000 | ---D | M] -- C:\Users\z0ny\AppData\Roaming\XRay Engine

< %APPDATA%\*.exe /s >
[2007.08.18 09:54:02 | 000,020,480 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2007.08.18 09:53:50 | 000,016,384 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\dialog_patch.exe
[2008.04.13 17:26:54 | 000,036,396 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\AC3 Filter\uninstall.exe
[2008.04.01 11:51:06 | 000,691,717 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2008.03.29 17:42:00 | 000,103,424 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2008.03.29 17:42:02 | 000,335,872 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2008.03.29 17:41:54 | 000,135,168 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2008.06.10 09:11:02 | 000,041,412 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.12.13 22:39:55 | 001,175,960 | ---- | M] () -- C:\Users\z0ny\AppData\Roaming\KB-ext\lib\unins000.exe
[2010.03.08 20:53:12 | 000,010,134 | R--- | M] () -- C:\Users\z0ny\AppData\Roaming\Microsoft\Installer\{9DAB307E-531F-4992-AB30-6F1AD39E6CF9}\_8C4C6DE2B4274D54DAD619.exe
[2013.12.14 02:13:06 | 000,010,134 | R--- | M] () -- C:\Users\z0ny\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.01.12 14:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.01.12 12:26:58 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.01.12 14:26:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.12 12:17:16 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000Core.job
[2014.01.12 14:26:00 | 000,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2802937240-2648798408-2496797330-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.08.05 20:38:49 | 000,026,924 | ---- | M] () -- \Hry\Steam\steamapps\common\alien swarm\swarm\sound\vo\crash\hackcrackhome.wav
[2013.09.16 02:39:39 | 000,000,590 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack1.pth
[2013.09.16 02:39:38 | 000,000,719 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack2.pth
[2013.09.16 02:39:40 | 000,000,717 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack31.pth
[2013.09.16 02:39:38 | 000,000,481 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\PATH\crack32.pth
[2013.09.16 02:39:38 | 000,011,714 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\Scripts\crack.cfg
[2013.09.16 02:39:41 | 000,005,645 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS20\Scripts\sl_crack.cfg
[2013.09.16 02:39:39 | 000,000,590 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack1.pth
[2013.09.16 02:39:38 | 000,000,719 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack2.pth
[2013.09.16 02:39:40 | 000,000,717 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack31.pth
[2013.09.16 02:39:38 | 000,000,481 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\PATH\crack32.pth
[2013.09.16 02:40:02 | 000,011,889 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\Scripts\crack.cfg
[2013.09.16 02:40:03 | 000,005,930 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Areas\BIOS91\Scripts\sl_crack.cfg
[2013.09.16 02:40:14 | 000,019,998 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Models\Characters\Things\IceParts\ice_crack.CMF
[2013.09.16 02:40:18 | 000,001,467 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Scripts\emitters\emgfx\Presets\Sparks\red_crack_sparks.cfg
[2013.09.16 02:40:20 | 000,002,063 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Scripts\environments\Things\ice_crack.phys
[2013.09.16 03:08:47 | 000,385,688 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Actors\_Hero\Hero_sledge_crack_fall.CHA
[2013.09.16 03:09:06 | 000,641,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Actors\Muffled_half\Muffled_cracking_the_door.CHA
[2013.09.16 03:08:59 | 000,004,380 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall.CHA
[2013.09.16 03:08:36 | 000,006,760 | ---- | M] () -- \Hry\Steam\steamapps\common\Cryostasis\Data\Tracks\Characters\Devices\Sledge\crack_fall_all.CHA
[2011.08.19 21:43:35 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2.dds
[2011.08.19 21:43:58 | 000,699,178 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2nrm.dds
[2011.08.19 21:45:52 | 000,349,680 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\packages\DogFighterV1\models\terrain\redmines\redminescrackedsand2nrm_c.dds
[2013.03.10 13:46:18 | 000,000,100 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\garrysmod\addons\CSS Content Addon\materials\concrete\prodwllecracked.vmt
[2013.03.10 13:46:18 | 000,174,968 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\garrysmod\addons\CSS Content Addon\materials\concrete\prodwllecracked.vtf
[2010.06.26 02:45:52 | 000,000,796 | ---- | M] () -- \Hry\Steam\steamapps\common\grand theft auto san andreas\data\Decision\Craig\crack1.ped
[2013.01.04 20:36:52 | 000,076,652 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_0.xnb
[2013.01.04 20:35:10 | 000,034,846 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_NRM_0.xnb
[2013.01.04 20:34:30 | 000,063,448 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_0.xnb
[2013.01.04 20:36:53 | 000,037,594 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_nrm_0.xnb
[2013.01.04 20:38:20 | 000,004,354 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_0.xnb
[2013.01.04 20:34:30 | 000,004,058 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_NRM02_0.xnb
[2013.01.04 20:36:45 | 000,008,140 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked00_0.xnb
[2013.01.04 20:35:12 | 000,018,032 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked01_0.xnb
[2013.01.04 20:38:20 | 000,008,364 | ---- | M] () -- \Hry\Steam\steamapps\common\Magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked_NRM_0.xnb
[2012.05.18 22:06:10 | 000,087,536 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_d.dds
[2012.05.18 21:29:29 | 000,087,536 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\decals\concrete_cracks_01_n.dds
[2012.05.18 21:29:28 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_d.dds
[2012.05.18 21:45:27 | 000,043,832 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_m.dds
[2012.05.18 21:55:23 | 001,398,256 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_n.dds
[2012.05.18 22:04:45 | 000,699,192 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\data\textures\terrain\concrete_cracked_01_s.dds
[2012.05.18 21:58:19 | 000,000,355 | ---- | M] () -- \Hry\Steam\steamapps\common\resident evil operation raccoon city\dlc\pack1\worlds\surfaces\decals\dec_concrete_cracks_01.matb
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >

< *AntiWPA* /s >

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 15:12
od z0ny
< *loader* /s >
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Hry\Steam\remoteui\static\libs\images\ajax-loader.gif
[2011.07.07 19:56:47 | 000,253,691 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\Preloader.cgr
[2011.07.07 20:00:06 | 000,000,878 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\Preloader_config.xml
[2013.09.16 02:22:41 | 000,097,889 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\start - project loader.cgr
[2011.07.07 19:55:11 | 000,016,384 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\channels\FileLoader.dll
[2013.12.14 02:14:13 | 000,058,880 | ---- | M] () -- \Hry\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\PhysXLoader.dll
[2013.02.09 15:19:40 | 000,058,880 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2013.11.26 22:32:16 | 000,001,444 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidgetLoaderBUL.DEU
[2013.11.26 22:32:18 | 000,000,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidget_LoaderJET.DEU
[2013.11.26 22:32:27 | 000,000,710 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_HolidayLoader.DEU
[2013.11.26 22:32:40 | 000,001,396 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidgetLoaderBUL.ESN
[2013.11.26 22:32:22 | 000,000,788 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidget_LoaderJET.ESN
[2013.11.26 22:32:19 | 000,000,734 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_HolidayLoader.ESN
[2013.11.26 22:32:17 | 000,001,414 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidgetLoaderBUL.FRA
[2013.11.26 22:32:19 | 000,000,738 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidget_LoaderJET.FRA
[2013.11.26 22:32:19 | 000,000,684 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_HolidayLoader.FRA
[2013.11.26 22:32:20 | 000,001,440 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidgetLoaderBUL.ITA
[2013.11.26 22:32:28 | 000,000,784 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidget_LoaderJET.ITA
[2013.11.26 22:32:19 | 000,000,730 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_HolidayLoader.ITA
[2013.11.26 22:32:20 | 000,001,270 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidgetLoaderBUL.JPN
[2013.11.26 22:32:20 | 000,000,722 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidget_LoaderJET.JPN
[2013.11.26 22:32:34 | 000,000,668 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_HolidayLoader.JPN
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2013.02.09 15:20:09 | 000,000,916 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2013.02.09 15:20:08 | 000,000,916 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2013.02.09 15:20:15 | 000,002,656 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2013.02.09 15:20:11 | 000,000,852 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2013.02.09 15:20:03 | 000,000,852 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2013.02.09 15:20:12 | 000,002,868 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2013.02.09 15:20:12 | 000,000,876 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2013.02.09 15:20:17 | 000,000,876 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2013.02.09 15:20:08 | 000,002,706 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2013.02.09 15:20:18 | 000,000,856 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2013.02.09 15:20:13 | 000,000,856 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2013.02.09 15:21:08 | 000,002,754 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2013.02.09 15:20:14 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2013.02.09 15:20:15 | 000,000,748 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2013.02.09 15:20:09 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2013.02.09 15:20:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2013.02.09 15:20:11 | 000,000,748 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2013.02.09 15:20:03 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2013.02.09 15:20:10 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2013.02.09 15:20:15 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2013.02.09 15:20:11 | 000,002,636 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2013.09.01 18:07:08 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBadass.KOR
[2013.09.01 18:07:54 | 000,000,728 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBUL.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderEXP.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderGUN.KOR
[2013.09.01 18:07:37 | 000,000,728 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderHOT.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderJET.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderPWR.KOR
[2013.09.01 18:07:08 | 000,000,222 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderRPG.KOR
[2013.09.01 18:07:08 | 000,002,636 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_Population_Loader.KOR
[2013.09.01 18:07:24 | 000,001,144 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_BigLoaderTurret_Digi.DEU
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_LoaderUltimateBadass_Digi.DEU
[2013.09.01 18:07:35 | 000,001,102 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_BigLoaderTurret_Digi.ESN
[2013.09.01 18:07:27 | 000,000,572 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_LoaderUltimateBadass_Digi.ESN
[2013.09.01 18:08:03 | 000,001,128 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_BigLoaderTurret_Digi.FRA
[2013.09.01 18:07:56 | 000,000,574 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_LoaderUltimateBadass_Digi.FRA
[2013.09.01 18:07:23 | 000,001,108 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_BigLoaderTurret_Digi.ITA
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_LoaderUltimateBadass_Digi.ITA
[2013.09.01 18:07:28 | 000,000,990 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_BigLoaderTurret_Digi.JPN
[2013.09.01 18:07:55 | 000,000,570 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_LoaderUltimateBadass_Digi.JPN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2013.02.09 15:20:38 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2013.02.09 15:20:41 | 000,004,550 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2013.02.09 15:20:27 | 000,004,486 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2013.02.09 15:20:43 | 000,004,558 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2013.02.09 15:20:34 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2013.02.09 15:20:34 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2013.02.09 15:20:39 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2013.02.09 15:20:25 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2013.02.09 15:20:34 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2013.02.09 15:20:13 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2013.02.09 15:20:25 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2013.02.09 15:20:27 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2013.02.09 15:20:38 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2013.02.09 15:21:41 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2013.09.01 18:07:09 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBadass.KOR
[2013.09.01 18:07:09 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBoss.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBUL.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderEXP.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderGUN.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderHOT.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderION.KOR
[2013.09.01 18:07:09 | 000,000,228 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderJunk.KOR
[2013.09.01 18:07:09 | 000,000,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPirate.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPWR.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderRPG.KOR
[2013.09.01 18:07:09 | 000,000,226 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderWAR.KOR
[2013.09.01 18:07:09 | 000,004,418 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_Loader.KOR
[2013.09.01 18:07:09 | 000,000,216 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_LoaderBoss.KOR
[2013.02.09 15:23:18 | 000,000,892 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ESN\GD_Sage_Pop_Loader.ESN
[2013.02.09 15:22:56 | 000,000,874 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\FRA\GD_Sage_Pop_Loader.FRA
[2013.02.09 15:22:54 | 000,000,898 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\ITA\GD_Sage_Pop_Loader.ITA
[2013.09.01 18:07:49 | 000,000,866 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\DLC\Sage\Compat\Localization\KOR\GD_Sage_Pop_Loader.KOR
[2013.02.09 14:57:38 | 003,465,909 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2013.02.09 15:05:48 | 000,032,232 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2013.02.09 15:24:28 | 000,001,140 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2013.02.09 15:24:11 | 000,000,504 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2013.02.09 15:24:10 | 000,009,492 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2013.02.09 15:23:18 | 000,001,072 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2013.02.09 15:24:08 | 000,000,518 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2013.02.09 15:24:08 | 000,009,746 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2013.02.09 15:24:13 | 000,001,098 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2013.02.09 15:24:10 | 000,000,514 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2013.02.09 15:24:10 | 000,009,610 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2013.02.09 15:24:31 | 000,001,068 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2013.02.09 15:24:29 | 000,000,530 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2013.02.09 15:24:32 | 000,009,798 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2013.02.09 15:24:33 | 000,000,946 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2013.02.09 15:24:15 | 000,000,502 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2013.02.09 15:24:16 | 000,009,486 | ---- | M] () -- \Hry\Steam\steamapps\common\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2011.08.19 21:48:02 | 000,075,104 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\bin\x86_vc8\PhysXLoader.dll
[2011.08.19 21:46:52 | 000,071,008 | ---- | M] () -- \Hry\Steam\steamapps\common\dogfighter\bin\x86_vc8\iePhysxLegacy\PhysXLoader.dll
[2013.09.16 02:36:38 | 000,352,548 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\models\loader.mdl
[2013.09.16 02:36:46 | 000,012,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\sound\ambience\loader_hydra1.wav
[2013.09.16 02:36:58 | 000,012,164 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\bshift\sound\ambience\loader_step1.wav
[2013.09.16 02:33:42 | 000,341,264 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\gearbox\models\loader.mdl
[2013.09.16 02:34:54 | 000,352,548 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\models\loader.mdl
[2013.09.16 02:34:54 | 000,012,764 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2013.09.16 02:35:10 | 000,012,164 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2013.01.03 00:33:34 | 000,068,688 | ---- | M] () -- \Hry\Steam\steamapps\common\Mass Effect\Binaries\PhysXLoader.dll
[2011.01.01 20:29:57 | 000,065,536 | ---- | M] () -- \Hry\Steam\steamapps\common\medal of honor\Binaries\PhysXLocal\PhysXLoader.dll
[2013.09.04 23:06:31 | 000,064,832 | ---- | M] () -- \Hry\Steam\steamapps\common\Metro Last Light\PhysXLoader.dll
[2013.07.15 22:56:54 | 000,068,688 | ---- | M] () -- \Hry\Steam\steamapps\common\mirrors edge\Binaries\PhysXLocal\PhysXLoader.dll
[2011.03.23 19:23:17 | 001,855,488 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\nwloader.exe
[2011.03.22 23:07:09 | 000,565,436 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\NWN2_Autodownloader_Server_Admin_Guide.pdf
[2011.03.22 23:06:50 | 000,530,662 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\NWN2_Autodownloader_Toolset_User_Guide.pdf
[2011.03.23 19:45:04 | 000,000,150 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X2\campaigndownloaderresources.XML
[2011.03.22 23:06:37 | 000,565,436 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Documentation\NWN2_Autodownloader_Server_Admin_Guide.pdf
[2011.03.23 19:01:37 | 000,530,662 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Documentation\NWN2_Autodownloader_Toolset_User_Guide.pdf
[2011.12.23 21:09:28 | 000,064,352 | ---- | M] () -- \Hry\Steam\steamapps\common\railworks\PhysXLoader.dll
[2012.12.23 04:02:52 | 000,053,248 | ---- | M] () -- \Hry\Steam\steamapps\common\Splinter Cell - Double Agent\SCDA-Online\System\PhysXLoader.dll
[2009.12.24 00:57:55 | 000,069,632 | ---- | M] () -- \Hry\Steam\steamapps\common\Star Trek Online\Star Trek Online\Live\PhysXLoader.dll
[2013.02.02 20:17:53 | 000,000,182 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoader.ini
[2009.05.16 00:09:01 | 000,040,960 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v10.dll
[2009.05.16 00:09:01 | 000,002,413 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v10.u
[2009.05.24 13:53:53 | 000,152,186 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v11.dll
[2009.05.24 13:53:53 | 000,001,069 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v11.u
[2009.06.11 16:51:28 | 000,061,440 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v12.dll
[2009.06.11 16:51:28 | 000,001,341 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v12.u
[2009.10.09 20:12:22 | 000,061,440 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v13.dll
[2009.10.09 20:12:22 | 000,001,367 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v13.u
[2011.03.23 19:16:18 | 000,081,920 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.dll
[2011.03.23 19:16:18 | 000,084,764 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.so
[2011.03.23 19:16:18 | 000,001,739 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16b.u
[2013.02.02 20:17:53 | 000,081,920 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.dll
[2013.02.02 20:17:53 | 000,095,325 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.so
[2013.02.02 20:17:53 | 000,001,739 | ---- | M] () -- \Hry\UnrealTournament\System\NPLoaderLL_v16c.u
[2014.01.03 06:42:53 | 001,069,712 | ---- | M] () -- \Hry\World of Warcraft\BackgroundDownloader.exe
[2014.01.03 02:35:16 | 000,003,080 | ---- | M] () -- \Hry\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2014.01.03 02:35:16 | 000,004,295 | ---- | M] () -- \Hry\World of Warcraft\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2012.08.29 21:44:02 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.05.17 17:19:18 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\Koan\pyloader.dll
[2011.03.28 15:01:36 | 000,023,849 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.03.28 15:01:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.06.23 19:49:30 | 000,010,779 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.06.23 19:49:36 | 000,003,490 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2011.06.23 19:49:36 | 000,013,373 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2010.04.29 19:51:58 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2010.04.29 19:52:00 | 000,003,486 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\langloader.kc
[2010.04.29 19:52:00 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cox\widget\layoutloader.kc
[2013.06.29 05:29:54 | 000,000,106 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\gems\debug_preloader.rb
[2013.06.29 05:29:54 | 000,001,230 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\minitest_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,006,188 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\paramdefs_loader_base.rb
[2013.06.29 05:29:54 | 000,003,653 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rspec_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,002,407 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\bundler\bundler_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,006,266 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\capistrano\capistrano_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,002,256 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\mongoid\mongoid_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,023,220 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,009,755 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\rails3_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,001,507 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\rails\rails4_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,003,256 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\paramdefs\sinatra\sinatra_paramdefs_loader.rb
[2013.06.29 05:29:54 | 000,003,099 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\testing\sm_factory_provider_loader.rb
[2013.07.25 02:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 02:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.07.25 02:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.07.25 02:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.12.06 23:38:40 | 000,364,088 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.06.28 22:44:10 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.06.28 22:44:10 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.06.28 22:44:10 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.06.28 22:44:10 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.06.28 22:44:10 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.06.28 22:44:10 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.12.13 22:38:23 | 000,000,673 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O62SKUO\loader.white[1].gif
[2013.01.28 21:23:01 | 000,105,903 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LBEUA70Y\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.09.11 19:35:25 | 000,001,511 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9FQBKA2\AdLoader[1].htm
[2013.11.02 16:23:58 | 000,004,178 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9FQBKA2\loader[1].gif
[2013.09.11 19:35:25 | 000,109,505 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2QX6R85\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2010.03.08 01:10:05 | 000,006,820 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\ajax-loader000[1].gif
[2010.03.07 22:02:58 | 000,002,545 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\ajax-loader[1].gif
[2010.03.08 01:51:39 | 000,001,797 | ---- | M] () -- \Users\z0ny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXNUTVF\grey_loader[1].gif
[2010.12.15 21:20:42 | 000,000,054 | ---- | M] () -- \Users\z0ny\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\G86VJE7A\media.mtvnservices.com\player\loader\loaderLogging.sol
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.04.12 20:12:00 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.04.12 20:12:00 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.04.12 20:12:00 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.04.12 20:12:00 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.04.12 20:12:00 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2011.07.07 19:57:49 | 000,942,080 | ---- | M] () -- \Hry\Steam\steamapps\common\audiosurf\engine\channels\XML_SetRootNode.dll

< *AutoKMS* /s >

< *activator* /s >
[2011.03.23 19:08:16 | 000,002,173 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\beamactivator.UTI
[2011.03.23 19:06:01 | 000,006,336 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\i_beamactivator_ac.NCS
[2011.03.23 19:40:14 | 000,003,234 | ---- | M] () -- \Hry\Steam\steamapps\common\neverwinter nights 2\Campaigns\Neverwinter Nights 2 Campaign_X1\i_beamactivator_ac.NSS

< *serial* /s >
[2013.12.02 23:41:48 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\GarrysMod\bin\dmserializers.dll
[2013.07.10 23:42:36 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\Half-Life 2\bin\dmserializers.dll
[2010.06.02 17:38:50 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\common\Portal\bin\dmserializers.dll
[2011.06.27 20:04:54 | 000,000,017 | ---- | M] () -- \Hry\Steam\steamapps\common\stalker clear sky\serial.txt
[2010.07.23 20:28:24 | 000,000,017 | ---- | M] () -- \Hry\Steam\steamapps\common\stalker clear sky\STEAM_serial.txt
[2010.05.29 12:50:11 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life 2 episode two\bin\dmserializers.dll
[2011.03.17 20:44:00 | 000,712,704 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life 2\bin\dmserializers.dll
[2009.10.30 23:29:04 | 000,122,880 | ---- | M] () -- \Hry\Steam\steamapps\z0ny\half-life source\bin\dmserializers.dll
[2008.12.09 15:12:00 | 000,018,944 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\ComradeLib.XmlSerializers.dll
[2008.12.09 15:11:30 | 000,009,728 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.BuddySync.XmlSerializers.dll
[2008.12.09 15:10:08 | 000,065,536 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.Core.XmlSerializers.dll
[2008.12.09 15:11:24 | 000,019,456 | ---- | M] () -- \Program Files (x86)\GameSpy\Comrade\GameSpy.Presence.XmlSerializers.dll
[2003.10.09 06:11:48 | 000,000,216 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Sytrus\Artwork\DelSerialCache.bmp
[2013.06.29 05:29:54 | 000,000,113 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\cov_deserializers.rb
[2013.06.29 05:29:54 | 000,003,238 | ---- | M] () -- \Program Files (x86)\JetBrains\RubyMine 5.4.3.2.1\rb\deserializers\rcov_deserializer.rb
[2009.07.16 10:20:56 | 000,000,003 | ---- | M] () -- \Program Files (x86)\OpenVPN\easy-rsa\serial.start
[2010.03.18 18:31:26 | 000,370,552 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,042,904 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.xml
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2012.06.28 22:44:10 | 000,040,168 | ---- | M] () -- \Program Files\Java\jdk1.6.0_33\bin\serialver.exe
[1998.12.21 02:52:42 | 000,000,005 | ---- | M] () -- \Program Files\OpenSSL-Win64\bin\PEM\demoCA\serial
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.05.16 19:13:02 | 000,003,120 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2013.05.16 19:12:55 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.dll
[2013.05.16 19:13:02 | 000,001,079 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e04426adbac\Curse.CurseClient.Common.XmlSerializers.manifest
[2013.05.25 13:52:28 | 000,003,120 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2013.05.25 13:52:05 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.dll
[2013.05.25 13:52:28 | 000,001,079 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.Common.XmlSerializers.manifest
[2012.10.20 21:51:51 | 000,013,312 | ---- | M] () -- \Users\z0ny\AppData\Local\Apps\2.0\033CNL7D.437\4Y9H4776.0LW\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2012.07.17 22:13:10 | 000,000,249 | ---- | M] () -- \Users\z0ny\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 10:39:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.18 01:59:55 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.15 10:38:05 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.18 02:09:40 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.11.16 22:48:02 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.16 22:48:02 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.11.16 22:48:09 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013.11.16 22:48:09 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013.11.17 04:50:16 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013.11.17 04:50:16 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013.11.17 04:53:11 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.17 04:53:11 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.11.17 04:54:27 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll
[2013.11.17 04:54:27 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll.aux
[2013.11.17 04:56:32 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll
[2013.11.17 04:56:32 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.04.12 20:12:00 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.04.12 20:12:00 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61

< End of report >

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 15:19
od Márty84
:???: Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 16:46
od z0ny
Márty84 píše::???: Jen se jeste zeptam, jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:
Je to OEM verze koupena s komponentama (skladal sem to sam) instalace je odhadem pred 4ma rokama, vse instalovane v pocitaci je legalne porizene (jakozto programator na tom lpim). Vyssi nez Home mam kvuli sitovym funkcim a mezi profesional a ultimate byl pro me minimalni cenovy rozdil :)
Márty84 píše: :arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.01.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
z0ny :: Z0NY-PC [administrátor]

12.1.2014 15:38:30
MBAM-log-2014-01-12 (16-44-34).txt

Typ: Kompletní kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 862220
Uplynulý čas: 1 hodin, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
E:\zNet\ICQ\Dimmor\zoom3_v1_02.exe (Malware.Gen) -> Nebyla provedena žádná instrukce.

(konec)

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 16:50
od Márty84
OK.

:arrow: Nalez bych odstranil, ale necham to na vas, pokud to znate... Pak MBAM odinstlujte.

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2014 19:58
od z0ny
# AdwCleaner v3.017 - Report created 12/01/2014 at 19:54:43
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : z0ny - Z0NY-PC
# Running from : C:\Users\z0ny\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526


-\\ Google Chrome v

[ File : C:\Users\z0ny\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1949 octets] - [12/01/2014 19:54:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2009 octets] ##########

Re: Prosím o preventivní kontrolu

Napsal: 13 led 2014 14:01
od Márty84
:arrow: Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz