Swapuje disk, pomalé prohlížeče, preventivka

[Lukasenko]

Hezký dobrý večer bez havěti, prosím o preventivní kontrolu logu z důvodu zpomalení počítače, občas se otevřou okna web. prohlížeče samostatně, swapuje disk. Dále se mi nezdá aplikace která běží v procesech pod názvem 57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe na c:\Program files\HD-V1.9 označená jako Torpedo. Předem moc děkuji za pomoc. Lukáš.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukasenko at 2014-08-10 23:16:55
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 52 GB (17%) free of 305 GB
Total RAM: 3582 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:36, on 10.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Steam\Steam.exe
C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Lukasenko\Desktop\RSIT.exe
C:\Program Files\trend micro\Lukasenko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: CrossriderApp0061788 - {11111111-1111-1111-1111-110611171188} - C:\Program Files\HD-V1.9\HD-V1.9-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [vdultimate_chrome] C:\ProgramData\VideoDownloaderUltimate\Chrome\vdultimate.exe /checkforupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Universal Media Server.lnk = C:\Program Files\Universal Media Server\UMS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\Windows\system32\nethtsrv.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\Windows\system32\netupdsrv.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 11315 bytes

======Scheduled tasks folder======

C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-1.job - C:\Program Files\HD-V1.9\HD-V1.9-codedownloader.exe /loYbyjss /Dlrbgby=task /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /vRmRwXNOj=1.34.7.1 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /ktCGdIxVP=http://js.infogenservice.com /jXdtpK=ch /VlxPn='HD-V1.9' /yFguXl=http://js.clientdemocloud.com /zcXzM /AnQig='{"asw":[8, -2147483391, 0]}' /fpDaeb='http://update.infogenservice.com/ie_cod ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-10.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-10.exe /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /MBoEtcbtS='HD-V1.9' /boipEt=1000 /tVMoTyG=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /qScpIxFyg=http://logs.infogenservice.com /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-11.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe 001859 5CE90A3873A74C03824EEB4B101A8660IE 61788 1406584188 93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 HD-V1.9
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-2.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-2.exe /oLNTdPy /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /ykUOCNhE=11111111-1111-1111-1111-110611171188 /jXdtpK=ch /dXAsYpwq /zcXzM /fpDaeb='http://update.infogenservice.com/ie_ena ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-3.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-3.exe /pAMXpNxg=aam63+EeuE5vW/kPAaboE58KMr4T07cq8PaZ9g69Zmgh4f4HSnIDR7uBOGkqAKR6Tc6gBcITGMdRc0B2HWCZ2sXEeiq0wth2jv7ZzrARaMHo1U083QPkWemGn41xV6p6uj4Q/tfGysbTp2DTvu3U7pd6CLs/oOxtp81XAP4DhtSyR6bCo61E9VXgVyYNNinN7i0mxbOrlCu8u/1c0RlNSNW5TwnQfb+r+wh6RZrrnHKa6aiAGC82/uOVSJn30A8A7PUyF29z8/qsHGUCE2gOVyhFac/W0gLEOCsffuVDrgo6TvLk2dXGw11ZGj7oYnIZRc93LNuGo+5VkHBc2hDa+m47LaVIiOM+Wx9oElHde4Pqyv8HVp1lSqcqWS6x2mLAE8EqRwzOYB4XA6lQWaZVsjNc27X+yauBU+rAIE8JVfYuQiApnC8DosNH1KmqkJxCU++h2q7IzTBv/rkKKuK4uhV9BIniSBtLrB5BEPYZsTYvmzFMXrZBCbEaovd7VU3nnBgFmoEnyOfEVbwAi8KbaMFFPvgRplX+LQcoJs0G+AvXVaKfCbEPziKin+YgGeCEOtNckMzXXRWRA9u3NnQPtwLRHJ6Xp7k+tCrUNjOyOB4uB+PvOk0gidv3Sjhpl3SRGVWS+G3ebzuG9JLBadWTDt+2piRbFsQahL/iIP5moeSV50GHnSftP0MYPa8jlYJsvay7YjHVYAozZ8Cbw+ydGwo/qWHN16GIRG3sYAtxdGIpJf/R/SrrCq4UqEdlV4czBTHTxqFhZNKQolmBgi7Ks23lux6ZcNigP1gim7V/4Qh/oPAzPPdmDdmGUA7f8xFyjOH7yaDCLVi9jSldSbX4xFJq26woUBFgqInnzfxDmYSJQlG+ibFzH8/GoFMRLDNW2LGKFNOaxrBNr2G7sI+oIjidy3G3rCxneSrpIHWc2CU2ErANZjhqr7mYyciYK4QRt+myfa7a9CLi47FWr8e3UEn2eyZyXT6yv+CFAsCvXikNdpwOMh2xXOV0nh3LvL2aff5K/XaXSnopcVDNdhuLvLG8FKEvhS7tc4/CZYi5MXUm2LDTiIEf72QwqT/1/mg7LMYbeyFRJVIE54h0Xm13iXwB73yLVpIAznciyLC5QbtC6GSEQ+EUwl5fJWdNTE+Uw0VBwz3heFjc3PoHyXhNNODHdGrqgjbujAQ40N/q7NdlyBLnrdSygxknI9t9zBMHwU62G48LQEScklAxR8FZ4fWPzACovbzdRwl28eTxUYiS/2DxBMv6ubeLoubHrvF7ckBR4bVVsm6ho4Vgt0+5Z2CxzsjplPFaQjzszjUGP0gr6Oon5oIx8Zc2R/gfM01uO5BfXnUkC8uvUbPEnRcybw==
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-4.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-4.exe /DHVPvWLxJ /AyGFu='HD-V1.9' /LEDFoRyp='C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c.xpi' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /vRmRwXNOj=1.34.7.1 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /YnlyMN=300 /FFzbh=caseyvelez@aol.com /woMevAL=0.95 /IPSbSHR=acaseyvelezaolcom61788 /JXycjTecB=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /61788.rdf /MBoEtcbtS='HD-V1.9' /TMGBt='Lights out for YouTube' /MxUbbsEM='InfoHD-V1.8' /jXdtpK=ch /AnQig='{"asw":[8, -2147483391, 0]}' /zcXzM /lXJOKry /LGOKo /fpDaeb='http://update.infogenservice.com/ff_age ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-5.exe /OxGyN /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /azVCNcRF=http://ipgeoapi.com/ /lzzLgP=http://update.infogenservice.com /yWGsfgA=2 /qScpIxFyg=http://logs.infogenservice.com /fpDaeb='http://update.infogenservice.com/update ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5_user.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-5.exe /OxGyN /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /azVCNcRF=http://ipgeoapi.com/ /lzzLgP=http://update.infogenservice.com /yWGsfgA=2 /qScpIxFyg=http://logs.infogenservice.com /fpDaeb='http://update.infogenservice.com/update ... pdate.json' /SxcWIMclf /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-6.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-6.exe /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /vRmRwXNOj=1.34.7.1 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /ktCGdIxVP=http://js.infogenservice.com /jXdtpK=ch /hbkYGgf /VlxPn=HD-V1.9 /tHQjQzIp57889699-e09d-45e5-93ff-14ee32eeb35c-nova.dll /ACNQx57889699-e09d-45e5-93ff-14ee32eeb35c-nova64.dll /CMZhqmZDs='nova' /yFguXl=http://js.clientdemocloud.com /AnQig='{"asw":[8, -2147483391, 0]}' /fpDaeb='http://update.infogenservice.com/novaru ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-7.job - C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-7.exe /mSnDE /AyGFu='HD-V1.9' /NJIOTF=61788 /iqiyxrnqa='001859' /MTblXCam='0' /XsjBNOW='0' /FyWdr=5CE90A3873A74C03824EEB4B101A8660IE /nJEgRTmjS=6dc4beb06c3cca9dc9f882dd1141be38 /jcJPZ=1_34_07_01 /vRmRwXNOj=1.34.7.1 /DZlCw=1406584188 /nbRxh=http://stats.infogenservice.com /NCzrWkM=http://errors.infogenservice.com /ktCGdIxVP=http://js.infogenservice.com /jXdtpK=ch /hbkYGgf /VlxPn=HD-V1.9 /tHQjQzIp57889699-e09d-45e5-93ff-14ee32eeb35c-nova.dll /ACNQx57889699-e09d-45e5-93ff-14ee32eeb35c-nova64.dll /CMZhqmZDs='nova' /yFguXl=http://js.clientdemocloud.com /AnQig='{"asw":[8, -2147483391, 0]}' /Dlrbgby=task /fpDaeb='http://update.infogenservice.com/novaco ... pdate.json' /Dlrbgby='task' /LicwFzCmN=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Lukasenko\AppData\Local\24899\a30541.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000Core.job - C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000UA.job - C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\
caseyvelez@aol.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171188}]
HD-V1.9 - C:\Program Files\HD-V1.9\HD-V1.9-bho.dll [2014-07-28 608104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-03-31 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-12-17 1564368]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-03-31 605344]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-03-31 519328]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-05-30 1122312]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"AllShareAgent"=C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-02 285072]
"vdultimate_chrome"=C:\ProgramData\VideoDownloaderUltimate\Chrome\vdultimate.exe [2014-02-28 954368]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Google Update"=C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-04 116648]
"Steam"=C:\Program Files\Steam\steam.exe [2014-07-16 1753280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files\Google\Drive\googledrivesync.exe [2014-06-27 24477056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-07-15 1564016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-07-15 311152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Universal Media Server.lnk - C:\Program Files\Universal Media Server\UMS.exe

C:\Users\Lukasenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-10 23:16:46 ----A---- C:\awh1AEF.tmp
2014-08-10 22:57:44 ----D---- C:\rsit
2014-08-10 22:57:44 ----D---- C:\Program Files\trend micro
2014-08-05 20:09:34 ----D---- C:\Users\Lukasenko\AppData\Roaming\Ubisoft
2014-08-05 20:08:56 ----D---- C:\ProgramData\Solidshield
2014-08-05 20:02:35 ----A---- C:\Windows\system32\drivers\atksgt.sys
2014-08-05 20:02:34 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2014-08-02 00:30:28 ----A---- C:\Windows\system32\wups2.dll
2014-08-02 00:30:28 ----A---- C:\Windows\system32\wucltux.dll
2014-08-02 00:30:28 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-02 00:30:27 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-02 00:30:20 ----A---- C:\Windows\system32\wups.dll
2014-08-02 00:30:20 ----A---- C:\Windows\system32\wudriver.dll
2014-08-02 00:30:20 ----A---- C:\Windows\system32\wuapi.dll
2014-08-02 00:30:10 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-02 00:30:10 ----A---- C:\Windows\system32\wuapp.exe
2014-07-29 19:57:59 ----D---- C:\Users\Lukasenko\AppData\Roaming\Mozilla
2014-07-29 19:57:54 ----D---- C:\ProgramData\Mozilla
2014-07-29 19:57:53 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-29 19:57:42 ----D---- C:\Program Files\Mozilla Firefox
2014-07-28 23:49:59 ----D---- C:\Program Files\globalUpdate
2014-07-28 23:49:53 ----D---- C:\Program Files\HD-V1.9
2014-07-28 23:49:40 ----D---- C:\Program Files\Common Files\Config
2014-07-28 16:15:54 ----A---- C:\Windows\system32\drivers\nethfdrv.sys
2014-07-28 16:15:38 ----A---- C:\Windows\system32\netupdsrv.exe
2014-07-28 16:15:28 ----A---- C:\Windows\system32\installd.exe
2014-07-28 16:15:18 ----A---- C:\Windows\system32\nethtsrv.exe
2014-07-28 16:15:08 ----A---- C:\Windows\system32\hfnapi.dll
2014-07-28 16:15:00 ----A---- C:\Windows\system32\hfpapi.dll
2014-07-22 17:16:03 ----D---- C:\Program Files\LogMeIn Hamachi
2014-07-17 19:30:36 ----D---- C:\Program Files\Common Files\Java
2014-07-17 19:30:31 ----A---- C:\Windows\system32\javaws.exe
2014-07-17 19:30:25 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 19:30:25 ----A---- C:\Windows\system32\javaw.exe
2014-07-17 19:30:25 ----A---- C:\Windows\system32\java.exe
2014-07-15 19:40:22 ----D---- C:\Program Files\Common Files\Skype
2014-07-15 19:40:21 ----RD---- C:\Program Files\Skype

======List of files/folders modified in the last 1 month======

2014-08-10 23:13:48 ----D---- C:\Windows\Temp
2014-08-10 23:12:53 ----RD---- C:\Dropbox
2014-08-10 23:12:52 ----D---- C:\Users\Lukasenko\AppData\Roaming\Dropbox
2014-08-10 23:12:30 ----D---- C:\Windows\Prefetch
2014-08-10 23:12:20 ----D---- C:\Program Files\Steam
2014-08-10 23:11:29 ----D---- C:\ProgramData\NVIDIA
2014-08-10 23:10:32 ----D---- C:\Windows\system32\config
2014-08-10 23:10:12 ----A---- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Traffic.ini
2014-08-10 22:57:44 ----RD---- C:\Program Files
2014-08-10 22:37:39 ----SHD---- C:\System Volume Information
2014-08-05 20:08:56 ----HD---- C:\ProgramData
2014-08-05 20:02:35 ----D---- C:\Windows\system32\drivers
2014-08-05 20:02:16 ----RSD---- C:\Windows\assembly
2014-08-05 19:48:51 ----SHD---- C:\Windows\Installer
2014-08-05 19:48:44 ----D---- C:\Program Files\Ubisoft
2014-08-05 19:48:43 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-05 19:44:57 ----D---- C:\!Hry!
2014-08-02 12:16:18 ----D---- C:\Program Files\PokerStars.NET
2014-08-02 10:12:49 ----D---- C:\Windows\rescache
2014-08-02 09:33:31 ----D---- C:\Windows\winsxs
2014-08-02 09:32:55 ----D---- C:\Windows\system32\cs-CZ
2014-08-02 09:32:55 ----D---- C:\Windows\System32
2014-08-02 00:30:36 ----D---- C:\Windows\system32\catroot2
2014-08-02 00:30:36 ----D---- C:\Windows\system32\catroot
2014-07-30 23:10:28 ----D---- C:\Users\Lukasenko\AppData\Roaming\TS3Client
2014-07-29 19:59:53 ----SD---- C:\Users\Lukasenko\AppData\Roaming\Microsoft
2014-07-28 23:50:44 ----D---- C:\Windows\system32\Tasks
2014-07-28 23:50:43 ----D---- C:\Windows\Tasks
2014-07-28 23:49:40 ----D---- C:\Program Files\Common Files
2014-07-28 22:40:56 ----D---- C:\Users\Lukasenko\AppData\Roaming\ICQ
2014-07-27 19:40:00 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-17 19:30:52 ----D---- C:\ProgramData\Oracle
2014-07-17 19:30:24 ----D---- C:\Program Files\Java
2014-07-16 22:33:27 ----D---- C:\Users\Lukasenko\AppData\Roaming\Skype
2014-07-15 19:40:17 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-08-04 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-07-28 40528]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-08-05 281760]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-08-05 25888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-31 24736]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-11-28 162592]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 19232]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2013-10-17 25088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2013-04-18 25856]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys [2013-04-18 23168]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys [2013-06-28 27776]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-31 35488]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-03-31 43680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-31 226976]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-03-31 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-31 147104]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-31 52384]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-31 266272]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-31 247968]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-08-08 16608]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2012-03-25 95304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTCore32;RTCore32; \??\C:\Program Files\EVGA Precision X\RTCore32.sys [2013-03-11 5632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x86\Sandra.sys [2009-08-07 23112]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2013-04-24 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2013-04-24 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2013-04-24 25216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-03-31 68768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2012-12-17 1564368]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-07-21 1905488]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-07-16 375056]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 NetHttpService;Network HTTP Support Service; C:\Windows\system32\nethtsrv.exe [2014-07-28 179712]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 19741472]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-12-19 664352]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
R2 ServiceUpdater;Network Support Service Updater; C:\Windows\system32\netupdsrv.exe [2014-07-28 159744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-28 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-05 651720]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-28 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-17 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\RpcAgentSrv.exe [2008-12-07 68760]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2012-08-05 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-05 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

[Lukasenko]

Dobrý den, jedná se o PC po firmě co už skončila a s W7 Ultimate už jsem to dostal škoda že je jen 32bit.

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *kms* /s
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Lukasenko]

OTL mi vygeneroval jen OTL file ...zkoušel jsem to 3x

OTL logfile created on: 12.8.2014 18:30:37 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukasenko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 64,43% Memory free
7,00 Gb Paging File | 5,60 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 48,63 Gb Free Space | 16,32% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 4,28 Gb Free Space | 2,87% Space Free | Partition Type: NTFS

Computer Name: LUKASENKO-PC | User Name: Lukasenko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.08.11 19:22:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
PRC - [2014.08.06 11:34:34 | 013,246,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.08.06 11:21:00 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014.07.28 23:50:40 | 000,380,776 | ---- | M] (InfoHD-V1.8) -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-10.exe
PRC - [2014.07.28 23:50:18 | 000,031,592 | ---- | M] () -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe
PRC - [2014.07.28 16:15:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\netupdsrv.exe
PRC - [2014.07.28 16:15:18 | 000,179,712 | ---- | M] () -- C:\Windows\System32\nethtsrv.exe
PRC - [2014.07.21 23:02:50 | 035,464,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.07.21 18:08:42 | 003,816,784 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.07.21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2014.07.16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2014.07.16 04:28:16 | 001,753,280 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2014.06.26 19:26:29 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014.05.30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.05.30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.05.30 01:30:33 | 019,741,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014.03.11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.12.19 20:37:25 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.12.19 20:37:25 | 000,930,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.12.19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.08.02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.03.02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012.03.02 00:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareAgent.exe
PRC - [2011.03.31 15:35:56 | 000,605,344 | ---- | M] (Atheros Communications) -- C:\Program Files\Bluetooth Suite\BtvStack.exe
PRC - [2011.03.31 15:35:52 | 000,519,328 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe
PRC - [2011.03.31 15:35:50 | 000,068,768 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AdminService.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.12.18 00:14:00 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.12.18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe


========== Modules (No Company Name) ==========

MOD - [2014.08.12 18:08:15 | 000,043,008 | ---- | M] () -- c:\Users\Lukasenko\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgnir3k.dll
MOD - [2014.07.28 23:50:18 | 000,031,592 | ---- | M] () -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe
MOD - [2014.07.21 22:53:38 | 003,610,624 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014.07.16 04:28:28 | 002,139,328 | ---- | M] () -- C:\Program Files\Steam\video.dll
MOD - [2014.07.16 04:28:18 | 001,116,864 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2014.07.12 02:53:26 | 001,116,672 | ---- | M] () -- C:\Program Files\Steam\libavcodec-55.dll
MOD - [2014.07.12 02:53:26 | 000,438,784 | ---- | M] () -- C:\Program Files\Steam\libavutil-53.dll
MOD - [2014.07.12 02:53:26 | 000,399,360 | ---- | M] () -- C:\Program Files\Steam\libavformat-55.dll
MOD - [2014.07.12 02:53:26 | 000,331,264 | ---- | M] () -- C:\Program Files\Steam\libavresample-1.dll
MOD - [2014.06.27 00:40:28 | 000,764,416 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2014.05.15 20:04:36 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dbc236ca6655e4e3839ee4f802eb3f99\System.Data.ni.dll
MOD - [2014.05.14 22:27:40 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll
MOD - [2014.05.02 01:35:22 | 020,628,160 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2014.04.29 02:37:22 | 000,519,168 | ---- | M] () -- C:\Program Files\Steam\libswscale-2.dll
MOD - [2014.02.28 18:10:45 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014.02.28 18:08:48 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.02.27 23:47:57 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014.02.27 23:47:57 | 013,620,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\921861ef36355e6f12a981a188f99b8a\System.Web.ni.dll
MOD - [2014.02.27 23:47:53 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
MOD - [2014.02.27 23:47:50 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014.02.27 23:47:48 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014.02.27 23:47:43 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014.02.27 23:47:40 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014.02.27 23:47:37 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014.02.27 23:47:37 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014.02.27 23:47:35 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014.02.27 23:47:33 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014.02.27 23:47:32 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014.02.27 23:47:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014.02.27 23:47:25 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014.02.13 23:08:29 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014.02.13 23:02:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.13 23:02:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.13 23:02:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.13 23:01:57 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.10.19 01:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
MOD - [2012.08.05 03:44:50 | 000,008,704 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\GetCoreTempInfoNET.dll
MOD - [2012.08.05 03:44:50 | 000,007,680 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\SystemInfo.dll
MOD - [2012.08.05 03:44:50 | 000,006,144 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\CoreTempReader.dll
MOD - [2010.11.13 04:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll


========== Services (SafeList) ==========

SRV - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.07.28 23:49:58 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014.07.28 23:49:58 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014.07.28 16:15:38 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Windows\System32\netupdsrv.exe -- (ServiceUpdater)
SRV - [2014.07.28 16:15:18 | 000,179,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\nethtsrv.exe -- (NetHttpService)
SRV - [2014.07.21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.07.17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.07.16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.07.08 21:40:10 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.06.19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.05.30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.05.30 01:30:33 | 019,741,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.12.19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.08.05 19:58:35 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.08.05 02:50:20 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2012.08.05 02:43:30 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.06.11 12:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.03.02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 18:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.03.31 15:35:50 | 000,068,768 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009.12.18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.18 00:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008.12.07 12:27:00 | 000,068,760 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandmodem.sys -- (ANDModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandgps.sys -- (AndGps)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lganddiag.sys -- (AndDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandbus.sys -- (Andbus)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4vhabk4)
DRV - [2014.08.05 20:02:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2014.08.05 20:02:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2014.07.28 16:15:54 | 000,040,528 | ---- | M] (nethfdrv) [Kernel | System | Running] -- C:\Windows\System32\drivers\nethfdrv.sys -- (nethfdrv)
DRV - [2014.05.30 01:30:32 | 000,019,232 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014.03.31 18:42:44 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2014.03.11 09:52:30 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014.01.22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2014.01.22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014.01.22 09:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.12.19 22:26:04 | 010,471,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.11.28 15:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013.10.17 17:32:56 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2013.06.28 12:44:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2013.04.24 11:14:52 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2013.04.24 11:14:52 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2013.04.24 11:14:52 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2013.04.18 17:11:52 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2013.04.18 17:09:22 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2013.03.11 18:30:10 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\EVGA Precision X\RTCore32.sys -- (RTCore32)
DRV - [2012.08.08 21:12:23 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.08.04 23:32:10 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.06.11 12:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.03.25 10:26:18 | 000,095,304 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2012.01.09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.03.31 15:36:04 | 000,247,968 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2011.03.31 15:36:02 | 000,266,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011.03.31 15:36:02 | 000,226,976 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011.03.31 15:36:02 | 000,147,104 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011.03.31 15:36:02 | 000,097,440 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2011.03.31 15:36:02 | 000,052,384 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011.03.31 15:36:02 | 000,043,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AthDfu.sys -- (ATHDFU)
DRV - [2011.03.31 15:36:02 | 000,035,488 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011.03.31 15:36:02 | 000,024,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{6ED7443C-1873-4A32-966E-3D9F286FF672}: "URL" = http://websearch.ask.com/redirect?clien ... 160DECD295
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lukasenko\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lukasenko\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2014.07.29 19:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Extensions
[2014.07.30 16:23:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions
[2014.07.30 16:23:49 | 000,000,000 | ---D | M] ("HD-V1.9") -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com
[2014.08.10 22:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData
[2014.08.10 22:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData\plugins
[2014.08.10 22:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData\userCode
[2014.07.29 19:58:36 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.07.29 19:57:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.07.29 19:57:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.43_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.9_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\3.1_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcgclhebknpjfgncigkapfdjndkopdad\3.2.1_0\
CHR - Extension: No name found = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdjjjmnacfjnmgckbhldbekckfldeolk\1.26.33_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (HD-V1.9) - {11111111-1111-1111-1111-110611171188} - C:\Program Files\HD-V1.9\HD-V1.9-bho.dll (InfoHD-V1.8)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vdultimate_chrome] C:\ProgramData\VideoDownloaderUltimate\Chrome\vdultimate.exe (Link64 GmbH)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Lukasenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.61.139.129 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F69E4B25-86FE-4172-A3EE-632A220E0729}: DhcpNameServer = 86.61.139.129 84.16.96.2
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{04db95f4-de7c-11e1-b57c-001d7dd2c5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{04db95f4-de7c-11e1-b57c-001d7dd2c5ec}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{1ceea5f4-de63-11e1-b557-001d7dd2c5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{1ceea5f4-de63-11e1-b557-001d7dd2c5ec}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2014.08.11 19:22:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
[2014.08.11 19:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014.08.11 19:17:21 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.08.11 19:17:14 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.08.11 19:17:14 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.08.11 19:17:14 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.08.11 19:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.08.11 19:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.08.10 22:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.08.10 22:57:44 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.05 21:01:35 | 000,000,000 | ---D | C] -- C:\Users\Lukasenko\Documents\ANNO 1404 Benátky
[2014.08.05 20:09:34 | 000,000,000 | ---D | C] -- C:\Users\Lukasenko\AppData\Roaming\Ubisoft
[2014.08.05 20:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[3 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.08.12 18:31:10 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.12 18:15:18 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.08.12 18:15:18 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.08.12 18:12:34 | 000,001,708 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-6.job
[2014.08.12 18:08:10 | 000,003,104 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-3.job
[2014.08.12 18:07:31 | 000,001,428 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5_user.job
[2014.08.12 18:07:28 | 000,001,406 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5.job
[2014.08.12 18:07:26 | 000,001,952 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-4.job
[2014.08.12 18:07:26 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.12 18:07:25 | 000,001,752 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-7.job
[2014.08.12 18:07:25 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014.08.12 18:07:24 | 000,001,314 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-2.job
[2014.08.12 18:07:24 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.08.12 18:07:23 | 000,001,498 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-1.job
[2014.08.12 18:07:22 | 000,001,252 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-10.job
[2014.08.12 18:07:22 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-11.job
[2014.08.12 18:05:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.08.12 18:05:51 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.11 21:58:10 | 000,000,139 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Traffic.ini
[2014.08.11 21:40:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.08.11 21:35:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000UA.job
[2014.08.11 19:52:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.11 19:22:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
[2014.08.11 19:17:09 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.08.11 19:17:07 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.08.11 19:17:07 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.08.11 19:17:07 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.08.11 00:06:40 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.08.11 00:00:33 | 1982,333,848 | ---- | M] () -- C:\Users\Lukasenko\Desktop\tlib_kennedy_leigh_vl121112_720p_8000.mp4
[2014.08.10 23:55:21 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.08.10 23:35:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000Core.job
[2014.08.10 22:57:36 | 001,107,968 | ---- | M] () -- C:\Users\Lukasenko\Desktop\RSIT.exe
[2014.08.05 20:45:26 | 000,001,746 | ---- | M] () -- C:\Users\Lukasenko\Desktop\Venice.lnk
[2014.08.05 20:02:35 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2014.08.05 20:02:34 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[3 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.08.11 19:27:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.08.10 23:37:46 | 1982,333,848 | ---- | C] () -- C:\Users\Lukasenko\Desktop\tlib_kennedy_leigh_vl121112_720p_8000.mp4
[2014.08.10 22:57:34 | 001,107,968 | ---- | C] () -- C:\Users\Lukasenko\Desktop\RSIT.exe
[2014.08.05 20:45:26 | 000,001,746 | ---- | C] () -- C:\Users\Lukasenko\Desktop\Venice.lnk
[2014.08.05 20:02:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2014.08.05 20:02:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2014.07.28 16:15:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\netupdsrv.exe
[2014.07.28 16:15:28 | 000,108,544 | ---- | C] () -- C:\Windows\System32\installd.exe
[2014.07.28 16:15:18 | 000,179,712 | ---- | C] () -- C:\Windows\System32\nethtsrv.exe
[2014.07.28 16:15:08 | 000,108,544 | ---- | C] () -- C:\Windows\System32\hfnapi.dll
[2014.07.28 16:15:00 | 000,246,784 | ---- | C] () -- C:\Windows\System32\hfpapi.dll
[2014.05.31 21:42:51 | 000,001,096 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\MRDownloader.nast
[2014.04.20 20:56:05 | 000,000,048 | ---- | C] () -- C:\Users\Lukasenko\jagex_cl_runescape_LIVE.dat
[2014.04.20 20:56:05 | 000,000,024 | ---- | C] () -- C:\Users\Lukasenko\random.dat
[2014.04.14 20:10:58 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014.04.14 20:10:58 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014.04.14 20:10:58 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2014.04.14 20:10:50 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014.02.09 16:11:46 | 003,539,040 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014.02.09 16:02:01 | 000,314,656 | ---- | C] () -- C:\Windows\System32\NvIFROpenGL.dll
[2013.12.01 17:17:13 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2013.12.01 17:17:13 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2013.07.14 12:13:53 | 000,000,839 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Drives Meter_Settings.ini
[2013.07.14 12:04:06 | 000,000,480 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Weather Meter_Settings.ini
[2013.07.14 11:49:35 | 000,000,282 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\GPU MeterV2_Settings.ini
[2013.06.14 19:56:26 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.06.14 19:56:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.06.14 19:56:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.06.14 19:56:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.06.14 19:56:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013.05.09 22:14:05 | 000,000,374 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Digital Clock_Settings.ini
[2013.05.09 22:11:19 | 000,000,720 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Ping Monitor_Settings.ini
[2013.01.27 22:31:56 | 013,176,832 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Sandra.mdb
[2012.09.28 21:45:16 | 000,246,272 | ---- | C] () -- C:\Windows\System32\rtvcvfw64.dll
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2012.08.29 22:19:44 | 000,043,887 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\SRDownloader.err
[2012.08.29 22:17:56 | 000,011,952 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\SRDownloader.nast
[2012.08.05 19:57:09 | 000,000,412 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\All CPU Meter_Settings.ini
[2012.08.05 03:49:02 | 000,000,139 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Traffic.ini
[2012.08.05 03:47:17 | 000,000,639 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Settings.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.08.16 23:02:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\AnvSoft
[2014.07.01 21:50:18 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Battle.net
[2013.09.16 22:54:14 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2014.06.01 21:57:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\DAEMON Tools Lite
[2014.08.12 18:08:25 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Dropbox
[2013.11.27 00:22:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Earth 2140
[2012.09.24 19:54:53 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\GHISLER
[2013.11.03 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Guild Wars 2
[2014.08.11 19:13:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ICQ
[2013.09.03 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MotioninJoy
[2014.04.14 20:11:31 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MPC-HC
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Nokia
[2012.12.19 19:18:37 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\OCS
[2012.12.19 19:18:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Opera
[2014.04.20 20:55:32 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Oracle
[2014.01.10 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Origin
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\PC Suite
[2012.12.15 19:19:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\QIP
[2014.01.11 18:04:38 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Samsung
[2014.06.27 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TeamViewer
[2014.07.30 23:10:28 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TS3Client
[2012.08.13 20:58:05 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ts3overlay
[2012.08.05 02:50:13 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TuneUp Software
[2013.08.17 13:59:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TV Online
[2014.08.05 20:10:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Ubisoft
[2014.01.03 20:56:24 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

[vyosek]

Do spodniho okna OTL jste nevlozil doplnkovy skript, jak je uvedeno v navodu. Zopakujte tedy prosim postup dle navodu

[Lukasenko]

Tak teď to bude snad OK akorát opět jen pouze OTL.txt Rozděluji na 2 z důvodu velikosti.

OTL logfile created on: 16.8.2014 14:41:31 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukasenko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 61,99% Memory free
7,00 Gb Paging File | 5,52 Gb Available in Paging File | 78,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 52,92 Gb Free Space | 17,76% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 2,43 Gb Free Space | 1,63% Space Free | Partition Type: NTFS

Computer Name: LUKASENKO-PC | User Name: Lukasenko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.08.15 20:47:50 | 036,414,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.08.14 00:34:02 | 001,937,600 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2014.08.14 00:30:52 | 001,520,832 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\bin\steamwebhelper.exe
PRC - [2014.08.11 19:22:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
PRC - [2014.08.06 11:34:34 | 013,246,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.08.06 11:21:00 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014.07.28 23:50:40 | 000,380,776 | ---- | M] (InfoHD-V1.8) -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-10.exe
PRC - [2014.07.28 23:50:18 | 000,031,592 | ---- | M] () -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe
PRC - [2014.07.28 16:15:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\netupdsrv.exe
PRC - [2014.07.28 16:15:18 | 000,179,712 | ---- | M] () -- C:\Windows\System32\nethtsrv.exe
PRC - [2014.07.21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2014.07.16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2014.06.26 19:26:29 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014.05.30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.05.30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.05.30 01:30:33 | 019,741,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014.03.11 10:13:14 | 000,951,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.12.19 20:37:25 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.12.19 20:37:25 | 000,930,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.12.19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.08.02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.03.02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012.03.02 00:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareAgent.exe
PRC - [2011.03.31 15:35:56 | 000,605,344 | ---- | M] (Atheros Communications) -- C:\Program Files\Bluetooth Suite\BtvStack.exe
PRC - [2011.03.31 15:35:52 | 000,519,328 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe
PRC - [2011.03.31 15:35:50 | 000,068,768 | ---- | M] (Atheros Commnucations) -- C:\Program Files\Bluetooth Suite\AdminService.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.12.18 00:14:00 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.12.18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe


========== Modules (No Company Name) ==========

MOD - [2014.08.16 12:50:18 | 000,043,008 | ---- | M] () -- c:\Users\Lukasenko\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvrgakv.dll
MOD - [2014.08.15 20:46:08 | 003,610,624 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014.08.14 00:31:14 | 002,144,448 | ---- | M] () -- C:\Program Files\Steam\video.dll
MOD - [2014.08.14 00:30:50 | 000,677,056 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2014.08.13 08:27:50 | 034,587,328 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2014.08.04 21:15:26 | 001,171,456 | ---- | M] () -- C:\Program Files\Steam\libavcodec-55.dll
MOD - [2014.08.04 21:15:26 | 000,441,856 | ---- | M] () -- C:\Program Files\Steam\libavutil-53.dll
MOD - [2014.08.04 21:15:26 | 000,403,968 | ---- | M] () -- C:\Program Files\Steam\libavformat-55.dll
MOD - [2014.08.04 21:15:26 | 000,332,288 | ---- | M] () -- C:\Program Files\Steam\libavresample-1.dll
MOD - [2014.08.04 21:15:12 | 000,769,024 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2014.07.31 05:47:58 | 000,519,168 | ---- | M] () -- C:\Program Files\Steam\libswscale-2.dll
MOD - [2014.07.28 23:50:18 | 000,031,592 | ---- | M] () -- C:\Program Files\HD-V1.9\57889699-e09d-45e5-93ff-14ee32eeb35c-11.exe
MOD - [2014.05.15 20:04:36 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dbc236ca6655e4e3839ee4f802eb3f99\System.Data.ni.dll
MOD - [2014.05.14 22:27:40 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll
MOD - [2014.02.28 18:10:45 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014.02.28 18:08:48 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.02.27 23:47:57 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014.02.27 23:47:57 | 013,620,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\921861ef36355e6f12a981a188f99b8a\System.Web.ni.dll
MOD - [2014.02.27 23:47:53 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
MOD - [2014.02.27 23:47:50 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014.02.27 23:47:48 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014.02.27 23:47:43 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014.02.27 23:47:40 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014.02.27 23:47:37 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014.02.27 23:47:37 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014.02.27 23:47:35 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014.02.27 23:47:33 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014.02.27 23:47:32 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014.02.27 23:47:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014.02.27 23:47:25 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014.02.13 23:08:29 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014.02.13 23:02:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.13 23:02:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.13 23:02:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.13 23:01:57 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.08.23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
MOD - [2012.08.05 03:44:50 | 000,008,704 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\GetCoreTempInfoNET.dll
MOD - [2012.08.05 03:44:50 | 000,007,680 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\SystemInfo.dll
MOD - [2012.08.05 03:44:50 | 000,006,144 | ---- | M] () -- C:\Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.7.gadget\CoreTempReader.dll
MOD - [2010.11.13 04:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll


========== Services (SafeList) ==========

SRV - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.07.28 23:49:58 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014.07.28 23:49:58 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014.07.28 16:15:38 | 000,159,744 | ---- | M] () [Auto | Running] -- C:\Windows\System32\netupdsrv.exe -- (ServiceUpdater)
SRV - [2014.07.28 16:15:18 | 000,179,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\nethtsrv.exe -- (NetHttpService)
SRV - [2014.07.21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.07.17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.07.16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.07.08 21:40:10 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.06.19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.05.30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.05.30 01:30:33 | 019,741,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014.03.11 10:13:24 | 000,279,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014.03.11 10:13:24 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.12.19 13:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.12.17 21:52:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.08.05 19:58:35 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.08.05 02:50:20 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2012.08.05 02:43:30 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.06.11 12:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.03.02 18:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 18:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.03.31 15:35:50 | 000,068,768 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009.12.18 00:12:10 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.18 00:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008.12.07 12:27:00 | 000,068,760 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ay5mnqfh)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandmodem.sys -- (ANDModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandgps.sys -- (AndGps)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lganddiag.sys -- (AndDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandbus.sys -- (Andbus)
DRV - [2014.08.05 20:02:35 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2014.08.05 20:02:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2014.07.28 16:15:54 | 000,040,528 | ---- | M] (nethfdrv) [Kernel | System | Running] -- C:\Windows\System32\drivers\nethfdrv.sys -- (nethfdrv)
DRV - [2014.05.30 01:30:32 | 000,019,232 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014.03.31 18:42:44 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2014.03.11 09:52:30 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014.01.22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2014.01.22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014.01.22 09:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.12.19 22:26:04 | 010,471,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.11.28 15:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013.10.17 17:32:56 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2013.06.28 12:44:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2013.04.24 11:14:52 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2013.04.24 11:14:52 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2013.04.24 11:14:52 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2013.04.18 17:11:52 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2013.04.18 17:09:22 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2013.03.11 18:30:10 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\EVGA Precision X\RTCore32.sys -- (RTCore32)
DRV - [2012.08.08 21:12:23 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.08.04 23:32:10 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012.06.11 12:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.03.25 10:26:18 | 000,095,304 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2012.01.09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.03.31 15:36:04 | 000,247,968 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btfilter.sys -- (BtFilter)
DRV - [2011.03.31 15:36:02 | 000,266,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011.03.31 15:36:02 | 000,226,976 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011.03.31 15:36:02 | 000,147,104 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011.03.31 15:36:02 | 000,097,440 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2011.03.31 15:36:02 | 000,052,384 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011.03.31 15:36:02 | 000,043,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AthDfu.sys -- (ATHDFU)
DRV - [2011.03.31 15:36:02 | 000,035,488 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011.03.31 15:36:02 | 000,024,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.10.14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.02.11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{6ED7443C-1873-4A32-966E-3D9F286FF672}: "URL" = http://websearch.ask.com/redirect?clien ... 160DECD295
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: caseyvelez%40aol.com:0.95.33
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lukasenko\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lukasenko\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2014.07.29 19:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Extensions
[2014.07.30 16:23:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions
[2014.07.30 16:23:49 | 000,000,000 | ---D | M] ("HD-V1.9") -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com
[2014.08.16 13:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData
[2014.08.16 13:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData\plugins
[2014.08.16 13:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\caseyvelez@aol.com\extensionData\userCode
[2014.07.29 19:58:36 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Lukasenko\AppData\Roaming\Mozilla\Firefox\Profiles\3g9a25s1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.07.29 19:57:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.07.29 19:57:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: LogMeIn, Inc. Remote Access Components 1.0.0.1029 (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgnihglilniboicepgjclfiageofdfj\1.0.0.1029_0\ChromeLogMeIn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Lukasenko\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Video Downloader professional = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.43_0\
CHR - Extension: AdBlock = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.12_0\
CHR - Extension: Chrome to Mobile = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\3.1_0\
CHR - Extension: Peněženka Google = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Free Video Downloader = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcgclhebknpjfgncigkapfdjndkopdad\3.2.1_0\
CHR - Extension: HD-V1.9 = C:\Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdjjjmnacfjnmgckbhldbekckfldeolk\1.26.33_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (HD-V1.9) - {11111111-1111-1111-1111-110611171188} - C:\Program Files\HD-V1.9\HD-V1.9-bho.dll (InfoHD-V1.8)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [vdultimate_chrome] C:\ProgramData\VideoDownloaderUltimate\Chrome\vdultimate.exe (Link64 GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [Google Update] C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Lukasenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-1550193637-1918651212-3097508368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.61.139.129 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F69E4B25-86FE-4172-A3EE-632A220E0729}: DhcpNameServer = 86.61.139.129 84.16.96.2
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{04db95f4-de7c-11e1-b57c-001d7dd2c5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{04db95f4-de7c-11e1-b57c-001d7dd2c5ec}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{1ceea5f4-de63-11e1-b557-001d7dd2c5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{1ceea5f4-de63-11e1-b557-001d7dd2c5ec}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.RTV1 - C:\Windows\System32\rtvcvfw32.dll ()
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.08.11 19:22:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
[2014.08.11 19:17:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014.08.11 19:17:21 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.08.11 19:17:14 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.08.11 19:17:14 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.08.11 19:17:14 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.08.11 19:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.08.11 19:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.08.10 22:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.08.10 22:57:44 | 000,000,000 | ---D | C] -- C:\rsit
[4 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.08.16 14:43:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.16 14:40:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.08.16 14:35:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000UA.job
[2014.08.16 14:31:08 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.16 13:55:10 | 000,001,708 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-6.job
[2014.08.16 13:38:36 | 000,002,450 | ---- | M] () -- C:\Users\Lukasenko\Desktop\Google Chrome.lnk
[2014.08.16 12:55:30 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.08.16 12:55:30 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.08.16 12:50:34 | 000,001,057 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.08.16 12:49:59 | 000,001,033 | ---- | M] () -- C:\Users\Lukasenko\Desktop\Dropbox.lnk
[2014.08.16 12:47:16 | 000,001,428 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5_user.job
[2014.08.16 12:47:13 | 000,001,406 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5.job
[2014.08.16 12:47:10 | 000,003,104 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-3.job
[2014.08.16 12:47:09 | 000,001,952 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-4.job
[2014.08.16 12:47:07 | 000,001,752 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-7.job
[2014.08.16 12:47:07 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014.08.16 12:47:06 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014.08.16 12:47:05 | 000,001,498 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-1.job
[2014.08.16 12:47:05 | 000,001,314 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-2.job
[2014.08.16 12:47:05 | 000,001,252 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-10.job
[2014.08.16 12:47:05 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.16 12:47:04 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-11.job
[2014.08.16 12:46:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.08.16 12:45:56 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.13 00:00:20 | 000,000,139 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Traffic.ini
[2014.08.12 23:55:31 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014.08.12 23:43:02 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000Core.job
[2014.08.11 19:22:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukasenko\Desktop\OTL.exe
[2014.08.11 19:17:09 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014.08.11 19:17:07 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014.08.11 19:17:07 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014.08.11 19:17:07 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014.08.11 00:06:40 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014.08.10 22:57:36 | 001,107,968 | ---- | M] () -- C:\Users\Lukasenko\Desktop\RSIT.exe
[4 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.08.11 19:27:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.08.10 22:57:34 | 001,107,968 | ---- | C] () -- C:\Users\Lukasenko\Desktop\RSIT.exe
[2014.08.05 20:02:35 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2014.08.05 20:02:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2014.07.28 16:15:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\netupdsrv.exe
[2014.07.28 16:15:28 | 000,108,544 | ---- | C] () -- C:\Windows\System32\installd.exe
[2014.07.28 16:15:18 | 000,179,712 | ---- | C] () -- C:\Windows\System32\nethtsrv.exe
[2014.07.28 16:15:08 | 000,108,544 | ---- | C] () -- C:\Windows\System32\hfnapi.dll
[2014.07.28 16:15:00 | 000,246,784 | ---- | C] () -- C:\Windows\System32\hfpapi.dll
[2014.05.31 21:42:51 | 000,001,096 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\MRDownloader.nast
[2014.04.20 20:56:05 | 000,000,048 | ---- | C] () -- C:\Users\Lukasenko\jagex_cl_runescape_LIVE.dat
[2014.04.20 20:56:05 | 000,000,024 | ---- | C] () -- C:\Users\Lukasenko\random.dat
[2014.04.14 20:10:58 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014.04.14 20:10:58 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014.04.14 20:10:58 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2014.04.14 20:10:50 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014.02.09 16:11:46 | 003,539,040 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014.02.09 16:02:01 | 000,314,656 | ---- | C] () -- C:\Windows\System32\NvIFROpenGL.dll
[2013.12.01 17:17:13 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2013.12.01 17:17:13 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2013.07.14 12:13:53 | 000,000,839 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Drives Meter_Settings.ini
[2013.07.14 12:04:06 | 000,000,480 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Weather Meter_Settings.ini
[2013.07.14 11:49:35 | 000,000,282 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\GPU MeterV2_Settings.ini
[2013.06.14 19:56:26 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.06.14 19:56:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.06.14 19:56:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.06.14 19:56:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.06.14 19:56:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013.05.09 22:14:05 | 000,000,374 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Digital Clock_Settings.ini
[2013.05.09 22:11:19 | 000,000,720 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Ping Monitor_Settings.ini
[2013.01.27 22:31:56 | 013,176,832 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Sandra.mdb
[2012.09.28 21:45:16 | 000,246,272 | ---- | C] () -- C:\Windows\System32\rtvcvfw64.dll
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2012.08.29 22:19:44 | 000,043,887 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\SRDownloader.err
[2012.08.29 22:17:56 | 000,011,952 | ---- | C] () -- C:\Users\Lukasenko\AppData\Local\SRDownloader.nast
[2012.08.05 19:57:09 | 000,000,412 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\All CPU Meter_Settings.ini
[2012.08.05 03:49:02 | 000,000,139 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Traffic.ini
[2012.08.05 03:47:17 | 000,000,639 | ---- | C] () -- C:\Users\Lukasenko\AppData\Roaming\Network Monitor II_Settings.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.08.16 23:02:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\AnvSoft
[2014.07.01 21:50:18 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Battle.net
[2013.09.16 22:54:14 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2014.06.01 21:57:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\DAEMON Tools Lite
[2014.08.16 12:50:37 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Dropbox
[2013.11.27 00:22:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Earth 2140
[2012.09.24 19:54:53 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\GHISLER
[2013.11.03 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Guild Wars 2
[2014.08.11 19:13:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ICQ
[2013.09.03 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MotioninJoy
[2014.04.14 20:11:31 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MPC-HC
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Nokia
[2012.12.19 19:18:37 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\OCS
[2012.12.19 19:18:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Opera
[2014.04.20 20:55:32 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Oracle
[2014.01.10 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Origin
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\PC Suite
[2012.12.15 19:19:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\QIP
[2014.01.11 18:04:38 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Samsung
[2014.06.27 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TeamViewer
[2014.07.30 23:10:28 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TS3Client
[2012.08.13 20:58:05 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ts3overlay
[2012.08.05 02:50:13 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TuneUp Software
[2013.08.17 13:59:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TV Online
[2014.08.05 20:10:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Ubisoft
[2014.01.03 20:56:24 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\uTorrent

========== Purity Check ==========

[Lukasenko]

========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.08.04 21:05:07 | 000,000,926 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000Core.job
[2012.08.04 21:05:17 | 000,000,978 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000UA.job
[2012.08.05 19:41:38 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.07 19:29:33 | 000,000,942 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 19:29:34 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.07.28 23:49:26 | 000,000,386 | ---- | C] () -- C:\Windows\Tasks\AmiUpdXp.job
[2014.07.28 23:49:59 | 000,003,104 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-3.job
[2014.07.28 23:50:01 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.07.28 23:50:03 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.07.28 23:50:13 | 000,000,594 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-11.job
[2014.07.28 23:50:21 | 000,001,708 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-6.job
[2014.07.28 23:50:21 | 000,001,752 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-7.job
[2014.07.28 23:50:29 | 000,001,952 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-4.job
[2014.07.28 23:50:31 | 000,001,498 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-1.job
[2014.07.28 23:50:34 | 000,001,314 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-2.job
[2014.07.28 23:50:40 | 000,001,252 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-10.job
[2014.07.28 23:50:43 | 000,001,406 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5.job
[2014.07.28 23:50:43 | 000,001,428 | ---- | C] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5_user.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2013.09.07 04:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.09.08 04:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 13:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014.04.05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\System32\winlogon.exe
[2014.03.04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.08.28 20:42:47 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Adobe
[2012.08.16 23:02:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\AnvSoft
[2013.09.03 20:32:21 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Atheros
[2014.07.01 21:50:18 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Battle.net
[2013.09.16 22:54:14 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2014.06.01 21:57:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\DAEMON Tools Lite
[2014.08.16 12:50:37 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Dropbox
[2013.11.27 00:22:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Earth 2140
[2012.09.24 19:54:53 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\GHISLER
[2013.11.03 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Guild Wars 2
[2014.08.11 19:13:54 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ICQ
[2012.08.04 19:46:25 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Identities
[2013.06.30 21:01:04 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\InstallShield Installation Information
[2012.08.12 14:52:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Media Center Programs
[2014.07.29 19:59:53 | 000,000,000 | --SD | M] -- C:\Users\Lukasenko\AppData\Roaming\Microsoft
[2013.09.03 20:45:30 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MotioninJoy
[2014.07.29 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Mozilla
[2014.04.14 20:11:31 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\MPC-HC
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Nokia
[2014.04.14 20:11:33 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\NVIDIA
[2012.12.19 19:18:37 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\OCS
[2012.12.19 19:18:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Opera
[2014.04.20 20:55:32 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Oracle
[2014.01.10 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Origin
[2014.02.11 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\PC Suite
[2012.12.15 19:19:48 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\QIP
[2014.01.11 18:04:38 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Samsung
[2013.03.31 15:37:26 | 000,000,000 | RH-D | M] -- C:\Users\Lukasenko\AppData\Roaming\SecuROM
[2014.07.16 22:33:27 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Skype
[2014.06.27 19:25:23 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TeamViewer
[2014.07.30 23:10:28 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TS3Client
[2012.08.13 20:58:05 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\ts3overlay
[2012.08.05 02:50:13 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TuneUp Software
[2013.08.17 13:59:40 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\TV Online
[2014.08.05 20:10:44 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Ubisoft
[2014.01.03 20:56:24 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\uTorrent
[2013.10.24 19:08:09 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\vlc
[2014.06.07 00:57:49 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\Winamp
[2014.06.01 12:15:02 | 000,000,000 | ---D | M] -- C:\Users\Lukasenko\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.08.15 20:47:50 | 036,414,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.08.15 20:51:02 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.08.15 20:47:54 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Users\Lukasenko\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.06.30 20:48:09 | 000,331,776 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe
[2012.10.21 15:54:36 | 000,029,926 | R--- | M] () -- C:\Users\Lukasenko\AppData\Roaming\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
[2012.12.19 19:18:37 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Lukasenko\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2012.12.19 19:18:37 | 000,040,960 | ---- | M] () -- C:\Users\Lukasenko\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.08.16 12:47:05 | 000,001,498 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-1.job
[2014.08.16 12:47:05 | 000,001,252 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-10.job
[2014.08.16 12:47:04 | 000,000,594 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-11.job
[2014.08.16 12:47:05 | 000,001,314 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-2.job
[2014.08.16 12:47:10 | 000,003,104 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-3.job
[2014.08.16 12:47:09 | 000,001,952 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-4.job
[2014.08.16 12:47:13 | 000,001,406 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5.job
[2014.08.16 12:47:16 | 000,001,428 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-5_user.job
[2014.08.16 14:50:00 | 000,001,708 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-6.job
[2014.08.16 12:47:07 | 000,001,752 | ---- | M] () -- C:\Windows\Tasks\57889699-e09d-45e5-93ff-14ee32eeb35c-7.job
[2014.08.16 14:40:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.08.16 12:47:07 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\AmiUpdXp.job
[2014.08.16 12:47:06 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014.08.12 23:55:31 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014.08.16 12:47:05 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.08.16 14:31:08 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.08.12 23:43:02 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000Core.job
[2014.08.16 14:35:00 | 000,000,978 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1550193637-1918651212-3097508368-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.08.04 23:32:10 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.08.16 12:55:30 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.08.16 12:55:30 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 07:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Google Update" = "C:\Users\Lukasenko\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.08.04 21:05:06 | 000,116,648 | ---- | M] (Google Inc.)
"Steam" = "C:\Program Files\Steam\steam.exe" -silent -- [2014.08.14 00:34:02 | 001,937,600 | ---- | M] (Valve Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.07.17 07:42:02 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=10F36FB8CD6218CD7F818268E0F3F9C6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.06.20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation) MD5=CD900EFB4F8946A2BB1950D9F45915C2 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.16 14:43:34 | 000,000,512 | ---- | M] () MD5=AA0EACC16943F855C8664909AA4E559F -- C:\PhysicalMBR.bin
[4 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *kms* /s >
[2014.05.30 01:30:32 | 000,019,232 | ---- | M] () -- \Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
[2014.05.30 01:07:52 | 000,183,296 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\14.6.22.1\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.pdb
[2014.05.30 01:28:53 | 000,020,256 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\14.6.22.1\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
[2014.05.30 01:07:54 | 000,191,488 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\14.6.22.1\GFExperience.NvStreamSrv\x86\server\NvStreamKms.pdb
[2014.05.30 01:30:32 | 000,019,232 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\14.6.22.1\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
[2010.11.20 14:19:26 | 000,071,168 | ---- | M] () -- \Windows\System32\KMSVC.DLL
[2009.07.14 10:43:17 | 000,002,560 | ---- | M] () -- \Windows\System32\cs-CZ\KMSVC.DLL.MUI
[2009.07.14 10:42:12 | 000,001,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_10f9bb656682774a.manifest
[2009.07.14 03:48:47 | 000,008,707 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7600.16385_none_11e6c4bbf79a5e2b.manifest
[2010.11.20 05:03:00 | 000,008,707 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_1417d883f488e1c5.manifest
[2009.07.14 10:43:17 | 000,002,560 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..on-hkmsvc.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_10f9bb656682774a\KMSVC.DLL.MUI
[2009.07.14 03:15:35 | 000,071,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7600.16385_none_11e6c4bbf79a5e2b\KMSVC.DLL
[2010.11.20 14:19:26 | 000,071,168 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..ssprotection-hkmsvc_31bf3856ad364e35_6.1.7601.17514_none_1417d883f488e1c5\KMSVC.DLL

< *crack* /s >
[2010.03.04 21:37:46 | 000,000,721 | ---- | M] () -- \Program Files\Pinnacle\Studio 15\Plugins\RTFx\HfxXML\Crackers.xml
[2010.03.04 21:37:46 | 000,000,738 | ---- | M] () -- \Program Files\Pinnacle\Studio 15\Plugins\RTFx\HfxXML\FireCracker.xml
[2010.07.04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010.07.04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010.07.04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010.07.04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010.07.04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010.07.04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010.07.04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010.07.04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010.07.04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010.07.04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010.07.04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010.07.04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010.07.04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010.07.04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010.07.04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010.07.04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010.07.04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010.07.04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010.07.04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010.07.04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010.07.04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010.07.04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2014.06.01 22:20:35 | 000,000,722 | ---- | M] () -- \Users\Lukasenko\AppData\Roaming\Microsoft\Windows\Recent\(DVD3) Watch_Dogs + Crack.lnk
[2011.07.26 17:51:56 | 006,525,536 | ---- | M] () -- \Users\Lukasenko\Desktop\Micro SD\16GB\download\Dungeon_Hunter_2_HD_LG_P970_Optimus_Black_android_v1.0.3_Cracked_Twingo.apk
[2011.07.26 18:23:44 | 004,728,962 | ---- | M] () -- \Users\Lukasenko\Desktop\Micro SD\16GB\download\Gangstar_Miami_Vindication_HD_LG_P970_Optimus_Black_android_v1.0.4_Cracked_Twingo.apk
[2011.07.26 18:20:16 | 002,949,866 | ---- | M] () -- \Users\Lukasenko\Desktop\Micro SD\16GB\download\GT_Racing_Motor_Academy_HD_LG_P970_Optimus_Black_android_v3.1.8_Cracked_Twingo.apk
[2010.03.04 21:37:46 | 000,010,179 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\65 - Patriotic\FireCracker.hfx
[2010.03.04 21:37:46 | 000,008,201 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Effects\70 - Foods\Crackers.hfx
[2010.03.04 21:45:04 | 001,543,882 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Food\Cracker.hfo
[2010.03.04 21:45:06 | 000,026,143 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker BAM.hfo
[2010.03.04 21:45:06 | 000,027,267 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker bottom.hfo
[2010.03.04 21:45:06 | 000,080,879 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\HollywoodFX\Objects\Patriotic\Firecracker top.hfo
[2010.10.19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack Vx.wav
[2010.10.19 13:32:04 | 000,843,284 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Gag\Whip Crack.wav
[2010.10.19 13:32:06 | 000,597,884 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Hrající si děti\Bat Crack .wav
[2010.10.19 13:32:08 | 016,633,220 | ---- | M] () -- \Users\Public\Documents\Pinnacle\Content\Sound Effects\UFX – Zimní radovánky\Crackling Hearth.wav

< *keygen* /s >
[2014.08.16 14:35:48 | 001,815,040 | ---- | M] () -- \ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{0AABB6C7-935E-D42E-D456-B147EA237DBE}-keygen.exe
[2014.08.05 19:45:41 | 001,815,040 | ---- | M] () -- \ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{BE580A72-765C-D332-C410-DAFCD80B0507}-keygen.exe
[2014.08.16 14:35:48 | 001,815,040 | ---- | M] () -- \Users\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{0AABB6C7-935E-D42E-D456-B147EA237DBE}-keygen.exe
[2014.08.05 19:45:41 | 001,815,040 | ---- | M] () -- \Users\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{BE580A72-765C-D332-C410-DAFCD80B0507}-keygen.exe

< *loader* /s >
[2013.05.16 21:11:22 | 001,152,288 | ---- | M] () -- \!!xx!!\Drivers\VGA_nVidia_Win7_64_VER918131193\GFExperience\ExtensionLoader.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \!Hry!\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \!Hry!\Counter-Strike 1.6\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \!Hry!\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \!Hry!\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2004.02.26 21:15:00 | 004,651,008 | ---- | M] () -- \!MP3!\Driftwood - Freeloader.mp3
[2004.09.21 17:18:16 | 004,812,800 | ---- | M] () -- \!MP3!\Alba\VA - Future Trance Vol. 22-2CD-2002-Promo.Release.Test.Only!-REA\214 Driftwood - Freeloader.mp3
[2009.10.19 07:45:06 | 000,070,936 | ---- | M] () -- \Program Files\2K Games\Borderlands Game of the Year Edition\Binaries\PhysXLocal\PhysXLoader.dll
[2009.10.19 10:45:22 | 000,030,315 | ---- | M] () -- \Program Files\2K Games\Borderlands Game of the Year Edition\WillowGame\CookedPC\Maps\Loader.umap
[2008.03.18 07:31:00 | 000,009,216 | R--- | M] () -- \Program Files\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.07.28 23:50:38 | 000,575,336 | ---- | M] () -- \Program Files\HD-V1.9\HD-V1.9-codedownloader.exe
[2012.12.17 21:51:40 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.12.17 21:51:41 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.12.17 21:51:40 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.12.17 21:53:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2008.05.19 12:04:09 | 000,068,688 | ---- | M] () -- \Program Files\Mass Effect\Binaries\PhysXLoader.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D69A62D4-BC8E-4152-8060-8FFAD8BECE64}\ExtensionLoader.dll
[2014.05.30 01:10:11 | 001,170,208 | ---- | M] () -- \Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.07.25 04:43:28 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 04:43:12 | 000,073,024 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.10 13:04:46 | 000,084,992 | ---- | M] () -- \Program Files\RivaTuner Statistics Server\RTSSHooksLoader.exe
[2013.07.15 19:17:42 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2014.02.28 03:58:38 | 000,007,825 | ---- | M] () -- \Program Files\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014.03.16 01:15:58 | 000,058,880 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2014.03.16 01:16:18 | 000,001,444 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidgetLoaderBUL.DEU
[2014.03.16 01:16:29 | 000,000,764 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_Allium_LootMidget_LoaderJET.DEU
[2014.03.16 01:16:11 | 000,000,710 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\DEU\GD_HolidayLoader.DEU
[2014.03.16 01:16:32 | 000,001,396 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidgetLoaderBUL.ESN
[2014.03.16 01:16:32 | 000,000,788 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_Allium_LootMidget_LoaderJET.ESN
[2014.03.16 01:16:09 | 000,000,734 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ESN\GD_HolidayLoader.ESN
[2014.03.16 01:15:59 | 000,001,414 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidgetLoaderBUL.FRA
[2014.03.16 01:16:32 | 000,000,738 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_Allium_LootMidget_LoaderJET.FRA
[2014.03.16 01:16:21 | 000,000,684 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\FRA\GD_HolidayLoader.FRA
[2014.03.16 01:16:30 | 000,001,440 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidgetLoaderBUL.ITA
[2014.03.16 01:16:00 | 000,000,784 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_Allium_LootMidget_LoaderJET.ITA
[2014.03.16 01:16:20 | 000,000,730 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\ITA\GD_HolidayLoader.ITA
[2014.03.16 01:16:31 | 000,001,270 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidgetLoaderBUL.JPN
[2014.03.16 01:16:20 | 000,000,722 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_Allium_LootMidget_LoaderJET.JPN
[2014.03.16 01:16:31 | 000,000,668 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\JPN\GD_HolidayLoader.JPN
[2014.07.15 19:04:56 | 000,001,250 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\KOR\GD_Allium_LootMidgetLoaderBUL.KOR
[2014.07.15 19:04:55 | 000,000,722 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\KOR\GD_Allium_LootMidget_LoaderJET.KOR
[2014.07.15 19:04:57 | 000,000,668 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Allium\Compat\Localization\KOR\GD_HolidayLoader.KOR
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2014.03.16 01:17:45 | 000,000,916 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2014.03.16 01:17:17 | 000,000,916 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2014.03.16 01:16:25 | 000,002,656 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2014.03.16 01:17:34 | 000,000,852 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2014.03.16 01:17:45 | 000,000,852 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2014.03.16 01:17:29 | 000,002,868 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2014.03.16 01:17:20 | 000,000,876 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2014.03.16 01:16:27 | 000,000,876 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2014.03.16 01:17:17 | 000,002,706 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2014.03.16 01:16:27 | 000,000,856 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2014.03.16 01:17:46 | 000,000,856 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2014.03.16 01:16:27 | 000,002,754 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2014.03.16 01:17:19 | 000,000,748 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2014.03.16 01:17:19 | 000,000,748 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2014.03.16 01:17:19 | 000,002,636 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2014.03.16 01:17:17 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBadass.KOR
[2014.03.16 01:17:19 | 000,000,728 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderBUL.KOR
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderEXP.KOR
[2014.03.16 01:17:26 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderGUN.KOR
[2014.03.16 01:17:19 | 000,000,728 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderHOT.KOR
[2014.03.16 01:17:17 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderJET.KOR
[2014.03.16 01:17:27 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderPWR.KOR
[2014.03.16 01:16:25 | 000,000,222 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_LoaderRPG.KOR
[2014.03.16 01:17:19 | 000,002,636 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Iris\Compat\Localization\KOR\GD_Iris_Population_Loader.KOR
[2014.03.16 01:16:49 | 000,001,144 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_BigLoaderTurret_Digi.DEU
[2014.03.16 01:16:49 | 000,000,570 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\DEU\GD_LoaderUltimateBadass_Digi.DEU
[2014.03.16 01:17:58 | 000,001,102 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_BigLoaderTurret_Digi.ESN
[2014.03.16 01:17:29 | 000,000,572 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ESN\GD_LoaderUltimateBadass_Digi.ESN
[2014.03.16 01:17:54 | 000,001,128 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_BigLoaderTurret_Digi.FRA
[2014.03.16 01:17:56 | 000,000,574 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\FRA\GD_LoaderUltimateBadass_Digi.FRA
[2014.03.16 01:18:27 | 000,001,108 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_BigLoaderTurret_Digi.ITA
[2014.03.16 01:16:49 | 000,000,570 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\ITA\GD_LoaderUltimateBadass_Digi.ITA
[2014.03.16 01:18:03 | 000,000,990 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_BigLoaderTurret_Digi.JPN
[2014.03.16 01:16:49 | 000,000,570 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\JPN\GD_LoaderUltimateBadass_Digi.JPN
[2014.07.15 19:04:58 | 000,000,956 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\KOR\GD_BigLoaderTurret_Digi.KOR
[2014.07.15 19:05:01 | 000,000,570 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Lobelia\Compat\Localization\KOR\GD_LoaderUltimateBadass_Digi.KOR
[2014.03.16 01:18:36 | 000,000,434 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\DEU\GD_BlingLoader.DEU
[2014.03.16 01:16:56 | 000,000,466 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\DEU\GD_BlingLoader_Mini.DEU
[2014.03.16 01:18:03 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\DEU\GD_Nast_BadassJunkLoader.DEU
[2014.03.16 01:18:01 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\DEU\GD_Nast_Girl_Loader.DEU
[2014.03.16 01:17:33 | 000,000,440 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ESN\GD_BlingLoader.ESN
[2014.03.16 01:18:05 | 000,000,472 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ESN\GD_BlingLoader_Mini.ESN
[2014.03.16 01:18:03 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ESN\GD_Nast_BadassJunkLoader.ESN
[2014.03.16 01:18:01 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ESN\GD_Nast_Girl_Loader.ESN
[2014.03.16 01:17:33 | 000,000,438 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\FRA\GD_BlingLoader.FRA
[2014.03.16 01:18:54 | 000,000,470 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\FRA\GD_BlingLoader_Mini.FRA
[2014.03.16 01:18:03 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\FRA\GD_Nast_BadassJunkLoader.FRA
[2014.03.16 01:18:01 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\FRA\GD_Nast_Girl_Loader.FRA
[2014.03.16 01:18:37 | 000,000,442 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ITA\GD_BlingLoader.ITA
[2014.03.16 01:18:03 | 000,000,474 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ITA\GD_BlingLoader_Mini.ITA
[2014.03.16 01:18:03 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ITA\GD_Nast_BadassJunkLoader.ITA
[2014.03.16 01:18:01 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\ITA\GD_Nast_Girl_Loader.ITA
[2014.03.16 01:18:36 | 000,000,434 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\JPN\GD_BlingLoader.JPN
[2014.03.16 01:16:56 | 000,000,466 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\JPN\GD_BlingLoader_Mini.JPN
[2014.03.16 01:18:03 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\JPN\GD_Nast_BadassJunkLoader.JPN
[2014.03.16 01:18:01 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\JPN\GD_Nast_Girl_Loader.JPN
[2014.07.15 19:05:01 | 000,000,434 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\KOR\GD_BlingLoader.KOR
[2014.07.15 19:05:01 | 000,000,466 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\KOR\GD_BlingLoader_Mini.KOR
[2014.07.15 19:05:02 | 000,000,446 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\KOR\GD_Nast_BadassJunkLoader.KOR
[2014.07.15 19:05:02 | 000,000,426 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Nasturtium\Compat\Localization\KOR\GD_Nast_Girl_Loader.KOR
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2014.03.16 01:18:12 | 000,004,418 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2014.03.16 01:18:43 | 000,004,550 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2014.03.16 01:18:26 | 000,004,486 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2014.03.16 01:18:13 | 000,004,558 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2014.03.16 01:18:12 | 000,004,418 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2014.03.16 01:18:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBadass.KOR
[2014.03.16 01:17:06 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBoss.KOR
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderBUL.KOR
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderEXP.KOR
[2014.03.16 01:17:06 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderGUN.KOR
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderHOT.KOR
[2014.03.16 01:18:22 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderION.KOR
[2014.03.16 01:18:11 | 000,000,228 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderJunk.KOR
[2014.03.16 01:19:11 | 000,000,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPirate.KOR
[2014.03.16 01:18:40 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderPWR.KOR
[2014.03.16 01:18:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderRPG.KOR
[2014.03.16 01:19:11 | 000,000,226 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_LoaderWAR.KOR
[2014.03.16 01:18:12 | 000,004,418 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_Loader.KOR
[2014.03.16 01:18:23 | 000,000,216 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Orchid\Compat\Localization\KOR\GD_Orchid_Pop_LoaderBoss.KOR
[2014.03.16 01:18:49 | 000,000,892 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Sage\Compat\Localization\ESN\GD_Sage_Pop_Loader.ESN
[2014.03.16 01:19:56 | 000,000,874 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Sage\Compat\Localization\FRA\GD_Sage_Pop_Loader.FRA
[2014.03.16 01:18:59 | 000,000,898 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Sage\Compat\Localization\ITA\GD_Sage_Pop_Loader.ITA
[2014.03.16 01:19:01 | 000,000,866 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\DLC\Sage\Compat\Localization\KOR\GD_Sage_Pop_Loader.KOR
[2014.03.16 01:10:04 | 003,465,909 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2014.03.16 01:14:01 | 000,032,232 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2014.03.16 01:19:42 | 000,001,140 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2014.03.16 01:20:00 | 000,000,504 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2014.03.16 01:19:16 | 000,009,492 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2014.03.16 01:19:28 | 000,001,072 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2014.03.16 01:19:53 | 000,000,518 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2014.03.16 01:19:53 | 000,009,746 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2014.03.16 01:19:30 | 000,001,098 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2014.03.16 01:19:43 | 000,000,514 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2014.03.16 01:19:20 | 000,009,610 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2014.03.16 01:19:32 | 000,001,068 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2014.03.16 01:19:32 | 000,000,530 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2014.03.16 01:19:23 | 000,009,798 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2014.03.16 01:19:25 | 000,000,946 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2014.03.16 01:19:55 | 000,000,502 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2014.03.16 01:19:14 | 000,009,486 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2012.02.06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012.02.06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010.07.04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010.07.04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010.07.04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010.07.04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010.07.04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010.07.04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010.07.04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010.07.04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010.07.04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files\Steam\SteamApps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\TuneUp Utilities 2010\data\TuneUpUtilities.gadget\images\loader.gif
[2007.09.22 18:50:16 | 000,068,688 | R--- | M] () -- \Program Files\Unreal Tournament 3\Binaries\PhysXLocal\PhysXLoader.dll
[2009.09.25 14:00:00 | 000,001,849 | ---- | M] () -- \Program Files\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2014.02.28 23:05:41 | 000,420,445 | ---- | M] () -- \ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx
[2014.02.28 23:05:41 | 000,420,445 | ---- | M] () -- \Users\All Users\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx
[2014.06.03 18:54:07 | 000,001,096 | ---- | M] () -- \Users\Lukasenko\AppData\Local\MRDownloader.nast
[2014.05.31 21:41:19 | 000,043,887 | ---- | M] () -- \Users\Lukasenko\AppData\Local\SRDownloader.err
[2014.05.31 21:41:25 | 000,011,952 | ---- | M] () -- \Users\Lukasenko\AppData\Local\SRDownloader.nast
[2014.08.13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.12_0\img\gifloader.gif
[2012.08.04 23:28:42 | 000,007,667 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\wetter.info.gadget\loadertext.png
[2014.06.26 23:25:34 | 000,017,912 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0R6HFSVE\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.07.15 19:40:44 | 000,001,980 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0R6HFSVE\AdLoader[1].htm
[2014.06.26 23:25:41 | 000,001,980 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JPXGRXD\AdLoader[1].htm
[2014.06.26 23:25:34 | 000,001,980 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRG6LHQG\AdLoader[1].htm
[2014.02.18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.02.18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Skype\Apps\login\images\loader.png
[2014.02.18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.02.18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.02.18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.05.30 01:10:11 | 001,170,208 | ---- | M] () -- \Users\Lukasenko\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\14.6.22.1\GFExperience\ExtensionLoader.dll
[2014.05.31 21:42:21 | 000,911,360 | ---- | M] () -- \Users\Lukasenko\Desktop\MRDownloader.exe
[2014.02.28 18:10:17 | 000,188,928 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common4f49951d#\8de416b35a642eff282425994eee9268\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
[2014.02.28 18:10:17 | 000,001,892 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common4f49951d#\8de416b35a642eff282425994eee9268\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll.aux
[2014.08.12 23:50:00 | 000,015,166 | ---- | M] () -- \Windows\Prefetch\HD-V1.9-CODEDOWNLOADER.EXE-C59E522F.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.08.05 21:57:13 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.08.05 21:57:13 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.08.05 21:57:14 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[vyosek]

Djedná se o PC po firmě co už skončila a s W7 Ultimate už jsem to dostal

Dobra a odvazna firma, kdyz si frcela na nelegalnim systemu V logu jsou jasne patrne prvky aktivatoru a cracknuti systemu...

My se na foru ale dle pravidel nelegalnimi systemy nezabyvame a je toto popsano i v chrte mezinarodni aliance ASAP jejiz jsme cleny.

[Lukasenko]

Hmm pěkný:( to bude asi jeden z důvodu proc skončila Tak děkuji alespoň za Váš čas.

[vyosek]

Proc skoncila netusim...

Jinak nemate tedy zac, bohuzel dale nemohu pokracovat...