Prosím o kontrolu logu

[Márty84]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[KebiQ]

Píše mi to, že to nemůže vytvořit jakýsi .bat soubor v mém adresáři a nechce mi to vyhodit ty logy, nevíte co s tím?

[Márty84]

Vim

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

[KebiQ]

OTL Extras logfile created on: 9.3.2014 15:45:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 47,17% Memory free
12,00 Gb Paging File | 8,69 Gb Available in Paging File | 72,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 25,52 Gb Free Space | 10,46% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 18,16 Gb Free Space | 8,19% Space Free | Partition Type: NTFS
Drive M: | 100,00 Mb Total Space | 71,81 Mb Free Space | 71,81% Space Free | Partition Type: NTFS

Computer Name: PATRIK-PC | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DCB4BF-29CF-4287-99EC-6C9B9FEA53BF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{08DBA4C6-1BB6-4643-883B-176700B41FC1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1F73A6D7-AD78-4C3B-A44A-3076AC610062}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{222DA66D-BD67-4A05-9507-2A33E31F2008}" = rport=137 | protocol=17 | dir=out | app=system |
"{35D7CB01-FB3C-4E57-89B2-C12632A04551}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36F957EC-3319-4DFC-852D-8AA67D69D4A9}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3EF309A3-FABC-40A2-A875-CC92BB57A392}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3F23D193-9070-40E9-9617-9537DF4958AF}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4463F630-B625-4E9C-92F7-86E0A4919752}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{475987B8-27FB-40FB-8A00-A4CF2E7FC9D2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4A8F5065-0BE5-4F8A-901E-52B2E439D167}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{563F0D40-36C6-4FA4-9C22-0CC71A7345D6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{571EC8B3-E3DF-4F56-B119-D627A4908611}" = lport=139 | protocol=6 | dir=in | app=system |
"{64A56F4B-931C-4720-884D-8BB289DCA445}" = lport=445 | protocol=6 | dir=in | app=system |
"{825E8B36-D007-46A9-AE48-1FF403650214}" = lport=137 | protocol=17 | dir=in | app=system |
"{826CBD22-A414-4F35-B31D-7580007CA175}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8780E1AA-8C09-4BE9-8520-87877E8510D0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8F1FD905-C635-4803-8E47-69E0B6B54A31}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{90218604-6313-46B0-A826-E98F08596853}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{934A85CE-73B8-40B5-90DF-9F31DD7B4EDF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{951461C7-7AE4-4751-A4AB-FF20630B07F1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{989C7F86-89A6-4C0E-A290-F04C0F95106F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9CB2192B-72FC-4E30-8045-DCE2A5CA2C4A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A048AF9F-D8C8-4E2A-B2C3-9746FBB499F3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A61FE02E-99C5-4EAF-A6ED-1AEC2F781D41}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A949AD8B-44B5-4D4D-89A4-6A5330EA3F12}" = rport=445 | protocol=6 | dir=out | app=system |
"{B1A07DB2-022A-4B5B-8E43-7BE89981F564}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B805AF0B-70DD-4AE3-931E-D65BD0F02F80}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9EAD03A-E06B-4AF7-BB67-6055BADA51CF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{BD589B72-EFDF-458F-9CB6-4EEF04CF9D68}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BDA7957E-1F8E-4F2D-B31A-4472D664608A}" = rport=138 | protocol=17 | dir=out | app=system |
"{BE50E9B0-8BAD-4F47-8DE4-B99A0EDA6C45}" = rport=139 | protocol=6 | dir=out | app=system |
"{C5988E47-CB6C-4488-B9E2-A16E4203F23F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C608CBFB-1923-4D27-9F62-A66CC477EBF1}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C9EAC568-F4E7-41E1-8852-C30427D08947}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCE617FE-2ABD-4796-A274-7C04585C9C1D}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D054D74A-AE6C-43EF-B18D-8E41BCE5B538}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1723464-74FE-46C5-B94D-8D522CCA1E88}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D18FA73D-2086-44E4-BEB2-C560F61CA068}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D67D4720-CF4D-4513-8EA4-7AF0E9507677}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D80DCBB1-F60C-4965-B6EC-AA1529BBD0B8}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E2DA4E25-6AFA-4221-BF4A-3234D2755E75}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E8F85E4D-E716-4531-8188-7A71F3FFCAC9}" = lport=138 | protocol=17 | dir=in | app=system |
"{EA7C2672-9903-418D-A531-C25A6548B6FC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F7F87260-B27B-4C4B-869F-358863CFD101}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EE2732-DB5B-4B09-BF6E-6B817C96336B}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{03C3619A-82DD-4782-B8F4-722882CB8DCD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{09E84740-CCC1-4CE3-8E7F-4DD015480CFB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe |
"{0E8E074F-9AE7-4F03-8978-1DF304297EB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{143588BD-3F9F-421A-9A6B-18979DF12DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{1690D359-69D1-4173-9B97-B3D9BC0C27DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{18E46E63-BA63-4B4C-AAF8-E7DC64A0E2F6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{19AB7C3B-FEE2-4A62-86B6-2FFD19C74EC3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A5D638F-4A68-4FBE-A9C3-C912C5E21FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"{1CA94A99-0491-4621-98E8-7C0A6542DDA6}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat |
"{1CD7CB70-6FF9-45C0-8243-AC5BDDB137DC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1E23CD2B-18E2-4358-AB04-E981B6C8926F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{1FA91DEE-3E71-4F9A-883A-BBA0FEB54A21}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{26EBDCA0-CDC6-4897-9C22-B5919273CB5A}" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\garenamessenger.exe |
"{2B5EECBA-0D2E-44E9-8C5B-3D527E132DE0}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{2DCAB3AF-89AE-4F07-B283-15D70CBAC190}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{309A57F8-E74B-41E5-AC72-EE84612A706F}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\frozen throne.exe |
"{30A5EF34-6808-4788-B62E-8956CB86B2C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{32216EE6-C5F5-4614-83E1-A7B9D838882B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{33F58A9D-3237-4045-A756-A48B2DAD15E8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe |
"{3BDEB1F5-A660-405B-AB3C-16D583519640}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3CEF01C3-15B2-494A-B17A-3839C2BEB41F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40F227E5-B6ED-43E3-8DB7-75A8E0765171}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{422942EE-01EE-48C4-8A49-614EB9B46A43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4619A7E0-3412-4058-A434-32934262DD6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{4BA85AC4-F266-44C5-A922-F71818CC3602}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4DC9DFFB-9EDE-4ADD-92B9-99696AE0C6A4}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{50A5F756-737A-4391-8648-9CFE44B634B4}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{541A25BD-EF20-46E8-9DC9-66D55A7B01AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CB14FEF-C6FE-4CA1-9B90-8B8BBB97BB0A}" = dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"{5D8F9419-BA35-40AA-8694-907559FB5EF4}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{5E7AC9B7-201C-4EA3-A7AA-376AFC532623}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{60CFCEAC-1050-44FF-ACCA-37BFD7D6085F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{633F2FAA-9534-42B0-A01D-E58987616B76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{63A79B26-D9FD-4943-B1A3-424002CA5C02}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{644D0083-5E03-4A45-8793-3539CC2C4330}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{675AF832-25F6-45F7-93B1-2B768E2E4A9D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{6A21483A-6284-4285-8AF6-E59BC1533A66}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6AC2F0DC-8314-47F4-A404-A7657010F18C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{6DE5ED29-8E3A-453A-84C5-5CC56474A931}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E1F5684-49BF-4C7C-84F3-F43718D38934}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{71CDBEB7-1913-4911-B4E5-D340E3016E12}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{71EFDFA9-D9C3-44EE-9514-F5406D275161}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{78F9CB2E-4841-4841-86FC-7F5962289536}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7A7E07E5-3AB6-4A14-B18D-F83901531471}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{7BB7A343-AFA0-4FD7-8335-0587C9657698}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{7E3034A0-027B-4CA4-ADCD-558734794834}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F0BDB1B-6EAE-4770-8799-EF578D8AAF4A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8180E90C-A4AF-4B97-969D-080C9C8C1664}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82111AAB-9706-446C-A879-E23FBB517275}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{849C7831-C15E-4AD2-A098-B59F63B0B603}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85B6048F-000F-419D-B0B7-F8712BA7CC53}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{8D589280-6F2A-45B5-90DD-E04336E62648}" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\garenamessenger.exe |
"{8EBC8D9F-418F-42FE-BD65-E4C719A3DA4D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8F5B226E-7A30-45F7-A585-57B9B9DF255A}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\frozen throne.exe |
"{98A91FF4-FCCF-4DF2-A4EE-71DB0CC00929}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{99361CB5-252A-412D-BD77-ACB31F7A1B3A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{9C6DA8A8-BF2B-4BD9-B7AF-064A06DC9B0C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{9DC9B776-5900-4A15-B9E4-32CDF992A8C9}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{9F428291-AA49-43E6-B8EF-E46DECAFC63F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{A2731F70-C5F5-4804-A60B-0ABEA36156A6}" = protocol=6 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"{A3320509-AF75-48DD-B110-C620342A6422}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{A651E73E-D372-4727-857E-D0BBBF0BBDCD}" = dir=in | app=c:\program files (x86)\garena plus\ggdllhost.exe |
"{A6E56A9F-E22F-4DE1-AF13-EBA510AC0E58}" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\warcraft iii.exe |
"{A860D344-AE52-40C8-9DBA-C55F9564516D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A87CFB87-3129-4961-B3F4-E26B1D059BC6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AB4DF51E-80F1-433A-A2AB-EE3F267C5D23}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{B0FAF3E3-42C9-4DA3-970C-103152565933}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\lotrbfme2.exe |
"{B3E00DB7-21A9-4933-A12C-83D725B5F935}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B6CE3C5B-C7B4-436E-B259-6293F8CB5141}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7850B47-0043-46E2-AD3D-163F60880821}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B8427C3E-BABB-4426-937A-14A912576C20}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{BC8F0EA2-48DD-45EB-86C3-A77C103393AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BD0A7EC5-5687-45B3-AF95-F4F333BBD345}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{C3EAE925-265B-4E53-BD05-2E90ADC47BD2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{C8C0DA14-1DBB-47EA-A578-F2C5E5930204}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{CE4D375D-8802-4CB8-9C8A-6CA24A0AC3B9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D353E9F0-5996-42FC-9E6E-F52379A5CB33}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{D6DBD619-7CC7-4677-92DB-3589FEBFBE0C}" = protocol=6 | dir=out | app=system |
"{D748B9E3-DB3F-4532-A861-3C04DA5EE74F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D822460A-948B-4AFD-B673-69A0637C3723}" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\warcraft iii.exe |
"{D879BC63-9F27-4159-AF0F-C0775ED4ACF6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DA06BCF1-91C4-48EA-A614-017605360297}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{DB3C7068-2F1F-46DD-B2F2-070B010CC157}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E0B6BB48-0146-424D-8B45-3CE3E064CE71}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E6292888-CD19-42A3-AD06-6B3C25B77770}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\lotrbfme2.exe |
"{F418C655-AFAB-4427-85F3-8C3B80F61E8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F57D1029-A245-4AE1-BAF2-DC92DEA88227}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F57F32F3-9ECB-4F0A-8D70-84C8393F883A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{F702057A-8172-4C95-812B-E01257436EB5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FC566C4F-3F20-44ED-A3D0-8418117E66DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FD2508C6-B22D-4636-A413-20F891DD39BA}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{FD5FFC88-6254-4DED-BC42-A26108E7E132}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FFFE6F01-282F-4A29-9626-657BCC489089}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FFFE6F8B-3514-4671-B7B5-F66648489B9F}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{1142897A-B0F5-4190-BC5E-5A620776C714}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{551F38BF-7D7D-48F9-8EBC-8BC14B8D30FF}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{66CC6F6A-B01C-45BA-A49C-FAEDBA885CF6}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{6BA2D81D-0A35-45CD-B763-9129F9815B8E}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{831EE5A3-6B0C-4D6F-86BD-FB841ED0212C}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe |
"TCP Query User{971908F7-39EF-4554-A0D2-374330293ADC}C:\users\patrik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\patrik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{9FD75285-CD2F-457D-BB88-C5F8D0E70478}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{B4A4E2DC-18D7-4D8C-87F1-12AB42383849}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{D20088BD-9D68-41D3-A161-159BF06187D2}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{E93AAFC2-A4E6-47CD-8F1D-30C593C826DD}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{F5C068CC-2458-4560-9A2B-6F6B93BC9617}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{FBF965C2-F017-4F22-B89E-C054E9752030}C:\program files (x86)\garena classic\garena.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"UDP Query User{1AF9DCB3-745C-40BE-99FE-9E7BDC84F2DF}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{3820F9AF-C7AE-4220-884A-5AA26DF2B3C5}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{514606BC-DEDA-47AF-A265-C00FDC44115B}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{6CAE93D7-DC4A-4A53-B929-9C989FF92EBB}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{718759A3-179F-4D9E-AABE-7A1979E81742}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{84D89816-0749-4EA0-9AFD-EC9A6B5E3285}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{A36DCE5D-DC71-4537-B94D-FF29FEF3745C}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{A4496F41-D624-446B-A02C-91197BF46286}C:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v collector edition\bin\h5_game.exe |
"UDP Query User{B0828A64-E345-49DC-9DF3-6E7BC3A19393}C:\users\patrik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\patrik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{B3A63173-4150-4782-B4E0-ADA6BCA8F74A}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{C1A60DE7-FFD1-48AE-982B-5FC8A4B8B23C}C:\program files (x86)\garena classic\garena.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena classic\garena.exe |
"UDP Query User{F0743478-E673-44D9-BBA2-5084139C6A85}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A91BC6-462E-4859-B355-FA12F743E8EE}" = ESET NOD32 Antivirus
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B47797F6-4C28-3F32-83DC-2784335CA487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"CCleaner" = CCleaner
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{10B43A43-FF73-47FD-83E8-A503E84F9ED6}" = OpenOffice.org 3.3
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin
"{45B92257-603B-49C1-943F-EC27367D7CE4}" = Chemistry Add-in for Word
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{626F32D6-007C-41D5-8157-9509AB1428BE}" = Unreal II
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1208.1
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{91BA5476-8B26-49E4-84B2-9EFE10917B33}" = LogMeIn Hamachi
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Audacity_is1" = Audacity 2.0
"Bloody3" = Bloody4
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dishonored_is1" = Dishonored
"Fraps" = Fraps (remove only)
"Free Video Converter_is1" = Free Video Converter V 3.2
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mount&Blade Warband" = Mount&Blade Warband
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OCCT_is1" = OCCT Perestroika 3.1.0
"Open Broadcaster Software" = Open Broadcaster Software
"PunkBusterSvc" = PunkBuster Services
"Risen 2 Dark Waters_is1" = Risen 2 Dark Waters
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 200170" = Worms Revolution
"Steam App 218" = Source SDK Base 2007
"Steam App 220" = Half-Life 2
"Steam App 4000" = Garry's Mod
"Steam App 42910" = Magicka
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8.3.2014 17:53:10 | Computer Name = Patrik-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: League of Legends.exe, verze: 4.3.0.495,
časové razítko: 0x531164e2 Název chybujícího modulu: League of Legends.exe, verze:
4.3.0.495, časové razítko: 0x531164e2 Kód výjimky: 0xc0000005 Posun chyby: 0x005801e0
ID
chybujícího procesu: 0x74c Čas spuštění chybující aplikace: 0x01cf3b1310cfcfd1 Cesta
k chybující aplikaci: C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League
of Legends.exe Cesta k chybujícímu modulu: C:\Program Files (x86)\Leage of Legends\League
of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League of
Legends.exe ID zprávy: 09625991-a70c-11e3-9a3c-00241dcdb3d5

Error - 8.3.2014 20:52:48 | Computer Name = Patrik-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 8.3.2014 21:58:14 | Computer Name = Patrik-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 9.3.2014 6:02:37 | Computer Name = Patrik-PC | Source = SetupARService | ID = 0
Description = Službu nelze spustit. System.NullReferenceException: Odkaz na objekt
není nastaven na instanci objektu. v SetupAfterRebootService.SetupARService.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 9.3.2014 6:04:18 | Computer Name = Patrik-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 9.3.2014 6:36:22 | Computer Name = Patrik-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 9.3.2014 6:38:23 | Computer Name = Patrik-PC | Source = SetupARService | ID = 0
Description = Službu nelze spustit. System.NullReferenceException: Odkaz na objekt
není nastaven na instanci objektu. v SetupAfterRebootService.SetupARService.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 9.3.2014 6:40:31 | Computer Name = Patrik-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 9.3.2014 6:47:14 | Computer Name = Patrik-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 9.3.2014 8:59:44 | Computer Name = Patrik-PC | Source = SetupARService | ID = 0
Description = Službu nelze spustit. System.NullReferenceException: Odkaz na objekt
není nastaven na instanci objektu. v SetupAfterRebootService.SetupARService.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

[ System Events ]
Error - 9.3.2014 6:35:50 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 9.3.2014 6:35:51 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 9.3.2014 6:36:17 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 9.3.2014 6:42:42 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Browser bylo dosaženo časového
limitu (30000 ms).

Error - 9.3.2014 6:42:42 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7000
Description = Služba Prohledávání počítačů neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 9.3.2014 8:51:24 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 9.3.2014 8:51:25 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 9.3.2014 8:55:28 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 9.3.2014 8:58:00 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 9.3.2014 8:58:05 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.


< End of report >

[KebiQ]

A zde je druhý(velký log) rozdělen do dvou zpráv


OTL logfile created on: 9.3.2014 15:45:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 2,83 Gb Available Physical Memory | 47,17% Memory free
12,00 Gb Paging File | 8,69 Gb Available in Paging File | 72,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 25,52 Gb Free Space | 10,46% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 18,16 Gb Free Space | 8,19% Space Free | Partition Type: NTFS
Drive M: | 100,00 Mb Total Space | 71,81 Mb Free Space | 71,81% Space Free | Partition Type: NTFS

Computer Name: PATRIK-PC | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.03.09 15:04:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrik\Desktop\OTL.exe
PRC - [2014.03.08 10:53:15 | 005,325,152 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\LoLLauncher.exe
PRC - [2014.02.26 19:57:32 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.02.05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.01.12 14:49:07 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.12.13 04:24:14 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe
PRC - [2013.07.10 18:53:55 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.10.29 19:54:49 | 001,294,336 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe


========== Modules (No Company Name) ==========

MOD - [2014.03.08 10:53:16 | 000,265,056 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\RiotLauncher.dll
MOD - [2014.03.08 10:53:15 | 005,325,152 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.202\deploy\LoLLauncher.exe
MOD - [2014.03.07 14:26:28 | 000,181,760 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.226.433.3_0\plugin\ace.dll
MOD - [2014.03.02 03:35:25 | 000,394,568 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014.03.02 03:35:24 | 013,632,840 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014.03.02 03:35:23 | 004,061,000 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014.03.02 03:35:20 | 000,716,616 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
MOD - [2014.03.02 03:35:19 | 000,100,168 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\libegl.dll
MOD - [2014.03.02 03:35:17 | 001,647,432 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014.03.02 03:35:15 | 000,051,016 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2013.12.13 04:24:22 | 000,553,776 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggspawn.dll
MOD - [2013.12.13 04:24:14 | 000,049,456 | ---- | M] () -- C:\Program Files (x86)\Garena Plus\ggdllhost.exe
MOD - [2013.07.10 18:53:55 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe
MOD - [2012.10.29 19:54:49 | 001,294,336 | ---- | M] () -- C:\Program Files (x86)\Leage of Legends\League of Legends\RADS\system\rads_user_kernel.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014.02.06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.02.05 10:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2014.02.26 19:57:32 | 002,224,976 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.02.26 09:50:04 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014.02.25 22:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.02.21 15:10:53 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.18 21:57:39 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.01.12 14:49:07 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.09.15 12:28:57 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2012.07.12 20:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.08 16:15:26 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2012.09.08 20:13:06 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.04 15:58:56 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.09.21 00:43:52 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.04 03:21:08 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2000.01.01 01:00:00 | 000,685,672 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2000.01.01 01:00:00 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2000.01.01 01:00:00 | 000,017,920 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Amusbx64.sys -- (Amusbprt)
DRV:64bit: - [2000.01.01 01:00:00 | 000,012,288 | ---- | M] ((Standard mouse types)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Amfltx64.sys -- (Amfilter)
DRV - [2014.03.09 13:59:31 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.05.27 01:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2000.01.01 01:00:00 | 000,222,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2000.01.01 01:00:00 | 000,050,176 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUCcid.sys -- (RSUSBCCID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{08B12C70-0211-4662-AB5C-3932CC7D2F37}: "URL" = http://websearch.ask.com/redirect?clien ... B260AF7735
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... FA_csCZ453
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchT ... BFORID%3A1
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.10.30 21:40:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.10.30 21:40:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.08.07 16:55:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Extensions
[2012.06.17 11:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions
[2012.06.17 11:08:16 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013.11.23 15:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\3rj1mbcc.default\extensions
[2014.02.18 21:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.02.18 21:57:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?clien ... earchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc= ... earchTerms},
CHR - homepage: http://seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patrik\AppData\Local\Google\Chrome\Application\33.0.1750.146\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Hangouts = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.226.433.3_0\
CHR - Extension: Peněženka Google = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.03.09 14:00:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.15.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7F93F6D-8071-437F-A123-20ABD25B4046}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.RTV1 - rtvcvfw32.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.03.09 15:04:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrik\Desktop\OTL.exe
[2014.03.09 14:05:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.03.09 14:00:30 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014.03.09 11:22:25 | 005,187,267 | R--- | C] (Swearware) -- C:\Users\Patrik\Desktop\ComboFix.exe
[2014.03.08 20:52:30 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\CrashDumps
[2014.03.08 12:50:09 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\RK_Quarantine
[2014.03.08 10:26:59 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014.03.08 00:16:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.06 17:21:26 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\Programs
[2014.03.05 23:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDisk
[2014.03.05 21:13:44 | 000,000,000 | ---D | C] -- C:\rsit
[2014.03.01 20:59:24 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Documents\THE SETTLERS - Heritage of Kings
[2014.03.01 15:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2014.03.01 15:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2014.03.01 10:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014.03.01 10:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014.02.25 17:46:47 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.02.25 17:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.02.25 17:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.02.22 21:44:01 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Documents\Mount&Blade With Fire and Sword
[2014.02.20 18:07:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.02.20 18:06:25 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.02.20 18:00:24 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.20 18:00:24 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.20 18:00:24 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.20 18:00:24 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.20 18:00:24 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.20 18:00:24 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.02.20 18:00:24 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.02.20 18:00:23 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.20 18:00:23 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.20 18:00:23 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.20 18:00:23 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.20 18:00:23 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.20 18:00:23 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.20 18:00:23 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.20 18:00:23 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.20 18:00:23 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.20 18:00:23 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.20 18:00:23 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.20 18:00:23 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.20 18:00:23 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.20 18:00:23 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.20 18:00:23 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.19 21:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elophant
[2014.02.18 21:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.02.13 00:53:51 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.02.13 00:52:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.02.13 00:52:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.02.13 00:52:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.02.13 00:52:52 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.02.13 00:52:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.02.13 00:52:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.02.13 00:52:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.02.13 00:52:50 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.02.13 00:52:49 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.02.13 00:52:49 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.02.13 00:52:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.02.13 00:52:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.02.13 00:52:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.02.13 00:52:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.02.13 00:52:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.02.13 00:52:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.02.13 00:52:47 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.02.13 00:52:47 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.02.13 00:52:47 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.02.13 00:52:46 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.02.13 00:52:44 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.02.13 00:52:43 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.02.13 00:52:39 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.02.12 16:59:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.02.12 16:59:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.02.12 16:58:41 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.02.12 16:58:41 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.02.12 16:58:41 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.02.12 16:58:41 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.02.12 16:58:41 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.02.12 16:58:40 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.02.12 16:58:40 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.02.12 16:58:40 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.02.12 16:58:40 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.02.12 16:58:40 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.02.12 16:58:40 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.02.12 16:58:40 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.02.12 16:58:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.02.12 16:58:39 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.02.12 16:58:39 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.02.12 16:58:39 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.02.12 16:58:39 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.02.12 16:58:26 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014.02.12 16:58:26 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.03.09 15:46:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.09 15:25:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001UA.job
[2014.03.09 15:20:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.09 15:10:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.09 15:04:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrik\Desktop\OTL.exe
[2014.03.09 14:09:40 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.09 14:09:40 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.09 14:00:25 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.03.09 13:59:35 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.09 13:59:31 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014.03.09 13:59:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.09 13:59:16 | 535,683,071 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.09 11:23:00 | 005,187,267 | R--- | M] (Swearware) -- C:\Users\Patrik\Desktop\ComboFix.exe
[2014.03.08 20:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001Core.job
[2014.03.08 12:49:28 | 003,819,008 | ---- | M] () -- C:\Users\Patrik\Desktop\RogueKiller.exe
[2014.03.07 22:25:07 | 001,244,192 | ---- | M] () -- C:\Users\Patrik\Desktop\adwcleaner.exe
[2014.03.05 21:14:37 | 000,007,598 | ---- | M] () -- C:\Users\Patrik\AppData\Local\Resmon.ResmonCfg
[2014.03.01 20:57:21 | 000,002,441 | ---- | M] () -- C:\Users\Public\Desktop\THE SETTLERS - Dědictví králů.lnk
[2014.03.01 15:57:14 | 000,002,383 | ---- | M] () -- C:\Users\Public\Desktop\Dishonored.lnk
[2014.03.01 10:12:26 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2014.02.27 12:50:27 | 001,587,154 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.27 12:50:27 | 000,677,722 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.27 12:50:27 | 000,663,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.27 12:50:27 | 000,146,640 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.27 12:50:27 | 000,126,314 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.27 12:50:13 | 001,587,154 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.25 17:41:23 | 000,002,731 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.02.21 15:10:52 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.21 15:10:52 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.08 19:34:51 | 031,432,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.02.08 19:34:51 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.02.08 19:34:51 | 023,683,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.02.08 19:34:51 | 018,257,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.02.08 19:34:51 | 017,715,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.02.08 19:34:51 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.02.08 19:34:51 | 015,740,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.02.08 19:34:51 | 014,669,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.02.08 19:34:51 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.02.08 19:34:51 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.02.08 19:34:51 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.02.08 19:34:51 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.02.08 19:34:51 | 003,142,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.02.08 19:34:51 | 003,090,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.02.08 19:34:51 | 002,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.02.08 19:34:51 | 002,782,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.02.08 19:34:51 | 002,713,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.02.08 19:34:51 | 002,410,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.02.08 19:34:51 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014.02.08 19:34:51 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014.02.08 19:34:51 | 000,892,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.02.08 19:34:51 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.02.08 19:34:51 | 000,863,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.02.08 19:34:51 | 000,844,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.02.08 19:34:51 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014.02.08 18:42:36 | 006,712,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.02.08 18:42:36 | 003,498,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.02.08 18:42:32 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014.02.08 18:42:32 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.02.08 18:42:32 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.02.08 17:18:30 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.03.09 15:07:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.08 12:49:22 | 003,819,008 | ---- | C] () -- C:\Users\Patrik\Desktop\RogueKiller.exe
[2014.03.07 22:24:42 | 001,244,192 | ---- | C] () -- C:\Users\Patrik\Desktop\adwcleaner.exe
[2014.03.01 20:57:21 | 000,002,441 | ---- | C] () -- C:\Users\Public\Desktop\THE SETTLERS - Dědictví králů.lnk
[2014.03.01 15:57:14 | 000,002,383 | ---- | C] () -- C:\Users\Public\Desktop\Dishonored.lnk
[2013.04.27 13:30:09 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2012.09.17 17:42:53 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012.06.09 22:02:56 | 000,000,094 | ---- | C] () -- C:\Users\Patrik\AppData\Local\fusioncache.dat
[2012.06.09 22:01:42 | 001,587,154 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.24 12:55:31 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.12.22 18:57:07 | 000,008,192 | ---- | C] () -- C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.20 17:50:33 | 000,007,598 | ---- | C] () -- C:\Users\Patrik\AppData\Local\Resmon.ResmonCfg
[2011.10.17 17:08:00 | 000,001,761 | ---- | C] () -- C:\Users\Patrik\AppData\Local\SRDownloader (1).err
[2011.10.16 15:47:58 | 000,001,336 | ---- | C] () -- C:\Users\Patrik\AppData\Local\SRDownloader (1).nast
[2011.10.16 11:54:21 | 000,001,825 | ---- | C] () -- C:\Users\Patrik\AppData\Local\SRDownloader.err
[2011.10.16 11:31:15 | 000,045,270 | ---- | C] () -- C:\Users\Patrik\AppData\Roaming\room_v3.dat
[2011.10.16 09:28:47 | 000,001,104 | ---- | C] () -- C:\Users\Patrik\AppData\Local\SRDownloader.nast

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.12.22 23:39:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\.minecraft
[2012.06.01 10:14:27 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Audacity
[2013.01.29 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bioshock2
[2011.10.17 15:34:38 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2013.10.21 15:59:12 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
[2013.07.03 09:51:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Day 1 Studios
[2011.11.17 17:30:55 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\FlashGet
[2014.01.25 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\FreeVideoConverter
[2014.03.09 11:44:16 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GarenaPlus
[2012.04.03 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IObit
[2011.11.19 22:35:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\iolo
[2011.12.28 15:29:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient
[2012.05.24 11:59:50 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient2
[2012.09.14 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\m2-multiplayer.com
[2011.11.05 12:47:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mount&Blade Warband
[2011.11.12 19:39:15 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mount&Blade With Fire and Sword
[2012.12.29 23:37:12 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth Files
[2014.01.11 20:04:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2013.12.21 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2013.11.01 19:56:01 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\OBS
[2011.10.16 19:20:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\OpenOffice.org
[2012.08.19 18:43:08 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Red Alert 3
[2013.01.10 17:11:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\runic games
[2011.11.03 16:26:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Screaming Bee
[2011.11.04 21:37:26 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Smart PC Solutions
[2013.02.02 14:35:39 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TeamViewer
[2012.09.16 10:11:18 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\The Creative Assembly
[2014.03.06 21:58:58 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TS3Client
[2012.10.20 12:43:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,534 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.10.15 13:45:35 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.10.15 13:49:43 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001UA.job
[2012.02.02 16:01:49 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.02.02 16:09:07 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001Core.job
[2012.10.14 10:18:15 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111020T193752760261\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120525T123047885254\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T103922853977\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T121705229321\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T141954396814\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20121201T140105374588\internal_ide_channel\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20111020T193752760261\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120525T123047885254\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T103922853977\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T121705229321\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120915T141954396814\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\Patrik\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20121201T140105374588\gencdrom\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.05.08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013.05.08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

[KebiQ]

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[27 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\04f928f3d08c1b3ebb3d20634b77577f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\04f928f3d08c1b3ebb3d20634b77577f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.22 23:39:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\.minecraft
[2011.10.15 13:46:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Adobe
[2012.06.01 10:14:27 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Audacity
[2013.01.29 16:10:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Bioshock2
[2011.10.17 15:34:38 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2013.10.21 15:59:12 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
[2013.07.03 09:51:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Day 1 Studios
[2011.11.17 17:30:55 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\FlashGet
[2014.01.25 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\FreeVideoConverter
[2014.03.09 11:44:16 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\GarenaPlus
[2012.01.04 20:30:58 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Google
[2013.01.20 14:46:39 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Hamachi
[2011.10.15 13:31:28 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Identities
[2012.05.13 09:33:35 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\InstallShield
[2012.04.03 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IObit
[2011.11.19 22:35:53 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\iolo
[2011.12.28 15:29:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient
[2012.05.24 11:59:50 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\LolClient2
[2012.09.14 20:59:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\m2-multiplayer.com
[2011.10.15 13:46:23 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Macromedia
[2013.02.13 13:58:05 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:31 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Media Center Programs
[2012.12.01 14:55:35 | 000,000,000 | --SD | M] -- C:\Users\Patrik\AppData\Roaming\Microsoft
[2011.11.05 12:47:11 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mount&Blade Warband
[2011.11.12 19:39:15 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mount&Blade With Fire and Sword
[2014.03.08 10:27:01 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Mozilla
[2012.12.29 23:37:12 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth Files
[2014.01.11 20:04:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2013.12.21 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2011.10.27 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\NVIDIA
[2013.11.01 19:56:01 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\OBS
[2011.10.16 19:20:32 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\OpenOffice.org
[2012.08.19 18:43:08 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Red Alert 3
[2013.01.10 17:11:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\runic games
[2011.11.03 16:26:19 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Screaming Bee
[2012.09.15 15:18:27 | 000,000,000 | R--D | M] -- C:\Users\Patrik\AppData\Roaming\SecuROM
[2014.03.09 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Skype
[2011.11.04 21:37:26 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Smart PC Solutions
[2013.02.02 14:35:39 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TeamViewer
[2012.09.16 10:11:18 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\The Creative Assembly
[2014.03.06 21:58:58 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\TS3Client
[2012.10.20 12:43:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\uTorrent
[2014.02.13 16:45:50 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\vlc
[2011.10.16 16:57:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011.10.27 21:53:01 | 000,010,134 | R--- | M] () -- C:\Users\Patrik\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.10.27 21:44:34 | 000,010,134 | R--- | M] () -- C:\Users\Patrik\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2013.11.01 19:56:04 | 000,119,808 | ---- | M] (obsproject.com) -- C:\Users\Patrik\AppData\Roaming\OBS\updates\updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.03.09 15:10:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.03.09 13:59:35 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.09 15:20:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.08 20:25:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001Core.job
[2014.03.09 15:25:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.08.06 22:23:48 | 000,000,403 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010.08.06 22:23:48 | 000,020,362 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010.08.06 22:23:48 | 000,020,539 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010.08.06 22:23:48 | 000,019,081 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010.08.06 23:00:56 | 000,013,009 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010.08.27 06:33:12 | 000,014,477 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010.08.06 22:50:20 | 000,094,462 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010.08.27 06:33:24 | 000,065,436 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010.08.06 22:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010.08.06 22:50:02 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010.08.06 22:50:02 | 000,016,101 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010.08.27 06:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010.08.06 22:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010.08.27 06:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010.08.06 22:50:02 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010.08.27 06:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010.08.06 22:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010.08.27 06:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010.08.06 22:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010.08.06 22:50:04 | 000,000,410 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010.08.06 22:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010.08.06 22:50:02 | 000,000,933 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010.08.06 22:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010.08.27 06:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010.08.06 22:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010.08.27 06:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010.08.06 22:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010.08.27 06:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010.08.06 22:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010.08.27 06:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010.08.06 22:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010.08.06 22:50:04 | 000,000,409 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010.08.06 22:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010.08.06 22:50:02 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010.08.06 22:49:16 | 000,062,915 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010.08.27 06:33:40 | 000,037,741 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010.08.06 22:48:40 | 000,019,532 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010.08.27 06:33:50 | 000,017,545 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2009.03.08 09:59:14 | 000,163,840 | ---- | M] () -- \Program Files (x86)\Garena Classic\plugins\UI\AvoidCrackPlugin.dll
[2011.12.28 14:42:47 | 000,020,721 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.43\DATA\Particles\color-crack-light-shaft.dds
[2011.12.28 14:43:32 | 000,007,692 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.43\DATA\Particles\crack-light-shaft.dds
[2011.12.28 14:43:32 | 000,009,655 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.43\DATA\Particles\cracksmap.dds
[2011.12.28 14:43:32 | 000,003,895 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.43\DATA\Particles\cracksmap32.dds
[2011.12.28 14:49:59 | 000,018,573 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.43\DATA\Particles\groundcrack.dds
[2011.12.28 14:46:56 | 000,108,704 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.45\DATA\Particles\exile_ground_cracks_11.dds
[2011.12.28 14:46:56 | 000,111,002 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_game_client\filearchives\0.0.0.45\DATA\Particles\exile_ground_cracks_invert.dds
[2009.01.19 13:27:44 | 000,083,645 | ---- | M] () -- \Program Files (x86)\Mount&Blade Warband\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2011.02.15 16:29:38 | 000,083,645 | ---- | M] () -- \Program Files (x86)\Mount&Blade With Fire and Sword\Sounds\Fire_Small_Crackle_Slick_op.ogg
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2012.06.09 10:37:08 | 000,076,652 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_0.xnb
[2012.06.09 10:39:41 | 000,034,846 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Nature\Ground\dirt01_cracked_NRM_0.xnb
[2012.10.11 16:21:27 | 000,063,448 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_0.xnb
[2012.10.11 16:21:42 | 000,037,594 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\floor_cracks_nrm_0.xnb
[2012.06.09 11:04:19 | 000,004,354 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_0.xnb
[2012.06.09 10:54:31 | 000,004,058 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\pillar_cracked00_NRM02_0.xnb
[2012.06.09 10:48:35 | 000,008,140 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked00_0.xnb
[2012.06.09 11:02:17 | 000,018,032 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked01_0.xnb
[2012.06.09 10:39:23 | 000,008,364 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\magicka\Content\Levels\Textures\Surface\Structure\Stone\wall_cracked_NRM_0.xnb
[2007.03.20 16:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007.03.20 16:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007.03.20 16:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007.03.20 16:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007.03.20 16:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007.03.20 16:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007.03.20 16:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007.03.20 16:58:34 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007.03.20 16:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007.03.20 16:58:30 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007.03.20 16:58:32 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006.09.21 12:29:28 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2006.09.21 12:29:32 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2006.09.21 12:29:40 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2006.09.21 12:29:28 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2006.09.21 12:29:28 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2006.09.21 12:29:38 | 000,017,490 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2012.11.03 13:16:14 | 000,003,608 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.crackserialcodes.com_0.localstorage-journal

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.02.28 18:15:35 | 000,048,683 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.26.9.505_0\js\chromeBackstageLoader.js.vir
[2014.02.28 18:15:35 | 000,003,100 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.26.9.505_0\js\pluginLoader.js.vir
[2014.02.28 18:15:34 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.26.9.505_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.28 18:15:34 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.26.9.505_0\tb\al\ac\img\loader-icon.png.vir
[2014.02.28 18:15:33 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.26.9.505_0\tb\al\ui\gf\img\loader.gif.vir
[2011.11.26 20:16:23 | 000,010,144 | ---- | M] () -- \extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.18\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.08.27 22:15:54 | 001,177,888 | ---- | M] () -- \NVIDIA\DisplayDriver\327.23\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\ExtensionLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce320.49Driver\GFExperience\ExtensionLoader.dll
[2013.11.08 21:45:57 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\ExtensionLoader.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331Game-Ready-Driver\ExtensionLoader.dll
[2013.11.14 12:56:55 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\GFExperience\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331Game-Ready-Driver\GFExperience\ExtensionLoader.dll
[2012.10.09 18:00:28 | 000,064,280 | ---- | M] () -- \Program Files (x86)\Bethesda Softworks\Dishonored\Binaries\Win32\PhysXLoader.dll
[2013.08.19 21:41:42 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.08.19 21:41:42 | 000,019,104 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.01.25 11:20:02 | 000,154,624 | R--- | M] () -- \Program Files (x86)\DmC Devil May Cry\Binaries\Win32\NTPhysX_Loader_x86_r.dll
[2013.01.25 11:15:23 | 000,058,368 | R--- | M] () -- \Program Files (x86)\DmC Devil May Cry\Binaries\Win32\NTPhysX_Loader_x86_s.dll
[2013.01.25 11:15:27 | 000,064,280 | R--- | M] () -- \Program Files (x86)\DmC Devil May Cry\Binaries\Win32\PhysXLoader.dll
[2010.02.10 01:38:44 | 003,473,163 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_001\loader-00.fbrb
[2010.02.10 01:38:44 | 003,417,011 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_001sr\loader-00.fbrb
[2010.02.10 01:38:44 | 005,299,907 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_002\loader-00.fbrb
[2010.02.10 01:38:46 | 005,283,781 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_002sr\loader-00.fbrb
[2010.02.10 01:38:46 | 006,458,338 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_003\loader-00.fbrb
[2010.02.10 01:38:48 | 005,719,429 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_004\loader-00.fbrb
[2010.02.10 01:38:48 | 005,681,043 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_004sdm\loader-00.fbrb
[2010.02.10 01:38:48 | 005,975,692 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_005\loader-00.fbrb
[2010.02.10 01:38:50 | 005,952,738 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_005sr\loader-00.fbrb
[2010.02.10 01:38:50 | 003,625,529 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006\loader-00.fbrb
[2010.02.10 01:38:50 | 003,618,790 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006cq\loader-00.fbrb
[2010.02.10 01:38:50 | 003,609,949 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_006sdm\loader-00.fbrb
[2010.02.10 01:38:52 | 005,127,190 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_007\loader-00.fbrb
[2010.02.10 01:38:52 | 005,117,095 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_007sdm\loader-00.fbrb
[2010.02.10 01:38:52 | 003,702,695 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_008\loader-00.fbrb
[2010.02.10 01:38:52 | 003,568,288 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009cq\loader-00.fbrb
[2010.02.10 01:38:54 | 003,565,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009gr\loader-00.fbrb
[2010.02.10 01:38:54 | 003,544,807 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_009sdm\loader-00.fbrb
[2010.02.10 01:38:54 | 006,516,783 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_012gr\loader-00.fbrb
[2010.02.10 01:38:56 | 006,556,315 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_012sr\loader-00.fbrb
[2010.02.10 01:38:44 | 007,748,201 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\mp_common\loader-00.fbrb
[2010.02.10 01:47:40 | 004,575,342 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_003_B\loader-00.fbrb
[2010.02.10 01:47:42 | 005,437,555 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_004_B\loader-00.fbrb
[2010.02.10 01:47:42 | 005,555,302 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_005\loader-00.fbrb
[2010.02.10 01:47:44 | 006,135,296 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_005_B\loader-00.fbrb
[2010.02.10 01:47:44 | 005,228,984 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_006\loader-00.fbrb
[2010.02.10 01:47:44 | 006,938,136 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_007\loader-00.fbrb
[2010.02.10 01:47:46 | 005,814,240 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_008\loader-00.fbrb
[2010.02.10 01:47:46 | 005,800,297 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_008_B\loader-00.fbrb
[2010.02.10 01:47:48 | 006,397,231 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_009\loader-00.fbrb
[2010.02.10 01:47:38 | 002,006,427 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_01\loader-00.fbrb
[2010.02.10 01:47:40 | 004,760,479 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_02\loader-00.fbrb
[2010.02.10 01:47:40 | 006,542,963 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_03\loader-00.fbrb
[2010.02.10 01:47:42 | 005,840,761 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_04\loader-00.fbrb
[2010.02.10 01:47:38 | 001,271,669 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Dist\win32\levels\sp_common\loader-00.fbrb
[2012.09.23 14:57:58 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_cq\loader-00.fbrb
[2012.09.23 14:58:35 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_gr\loader-00.fbrb
[2012.09.23 14:59:25 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_sdm\loader-00.fbrb
[2012.09.23 15:00:18 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_harvest_day_sr\loader-00.fbrb
[2012.09.23 15:01:16 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_cq\loader-00.fbrb
[2012.09.23 15:02:06 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_gr\loader-00.fbrb
[2012.09.23 15:02:57 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_sdm\loader-00.fbrb
[2012.09.23 15:03:25 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\bc1_oasis_sr\loader-00.fbrb
[2012.09.23 15:10:05 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001\loader-00.fbrb
[2012.09.23 15:10:26 | 007,538,086 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001sdm\loader-00.fbrb
[2012.09.23 15:11:43 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_001sr\loader-00.fbrb
[2012.09.23 15:12:23 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_002\loader-00.fbrb
[2012.09.23 15:13:23 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_002sr\loader-00.fbrb
[2012.09.23 15:14:10 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_003\loader-00.fbrb
[2012.09.23 15:14:27 | 005,837,142 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_003sr\loader-00.fbrb
[2012.09.23 15:15:17 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_004\loader-00.fbrb
[2012.09.23 15:16:10 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_004sdm\loader-00.fbrb
[2012.09.23 15:16:58 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005\loader-00.fbrb
[2012.09.23 15:18:12 | 006,014,815 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005gr\loader-00.fbrb
[2012.09.23 15:19:12 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_005sr\loader-00.fbrb
[2012.09.23 15:20:35 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006\loader-00.fbrb
[2012.09.23 15:21:24 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006cq\loader-00.fbrb
[2012.09.23 15:22:04 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_006sdm\loader-00.fbrb
[2012.09.23 15:23:10 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007\loader-00.fbrb
[2012.09.23 15:23:30 | 006,098,333 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007gr\loader-00.fbrb
[2012.09.23 15:24:54 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_007sdm\loader-00.fbrb
[2012.09.23 15:26:03 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008\loader-00.fbrb
[2012.09.23 15:26:26 | 006,029,512 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008cq\loader-00.fbrb
[2012.09.23 15:27:40 | 006,015,553 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_008sdm\loader-00.fbrb
[2012.09.23 15:29:16 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009cq\loader-00.fbrb
[2012.09.23 15:30:09 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009gr\loader-00.fbrb
[2012.09.23 15:31:15 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009sdm\loader-00.fbrb
[2012.09.23 15:31:39 | 005,878,478 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_009sr\loader-00.fbrb
[2012.09.23 15:32:57 | 006,018,369 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012cq\loader-00.fbrb
[2012.09.23 15:34:09 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012gr\loader-00.fbrb
[2012.09.23 15:34:42 | 002,348,343 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_012sr\loader-00.fbrb
[2012.09.23 15:35:13 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002gr\loader-00.fbrb
[2012.09.23 15:35:44 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002sdm\loader-00.fbrb
[2012.09.23 15:36:20 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_002sr\loader-00.fbrb
[2012.09.23 15:36:54 | 001,612,131 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_005cq\loader-00.fbrb
[2012.09.23 15:37:18 | 000,000,157 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp_sp_005sdm\loader-00.fbrb
[2012.09.23 15:08:41 | 007,593,208 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\mp2_common\loader-00.fbrb
[2012.09.23 15:48:47 | 063,933,148 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_common\loader-00.fbrb
[2012.09.23 15:49:36 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002cq\loader-00.fbrb
[2012.09.23 15:50:14 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002r\loader-00.fbrb
[2012.09.23 15:50:15 | 000,001,204 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002sdm\loader-00.fbrb
[2012.09.23 15:50:34 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_002sr\loader-00.fbrb
[2012.09.23 15:50:52 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003cq\loader-00.fbrb
[2012.09.23 15:51:33 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003r\loader-00.fbrb
[2012.09.23 15:51:34 | 000,001,203 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003sdm\loader-00.fbrb
[2012.09.23 15:51:55 | 000,001,006 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_003sr\loader-00.fbrb
[2012.09.23 15:52:15 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005cq\loader-00.fbrb
[2012.09.23 15:52:32 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005r\loader-00.fbrb
[2012.09.23 15:52:53 | 000,001,205 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005sdm\loader-00.fbrb
[2012.09.23 15:53:21 | 000,001,009 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_005sr\loader-00.fbrb
[2012.09.23 15:53:38 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006cq\loader-00.fbrb
[2012.09.23 15:53:55 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006r\loader-00.fbrb
[2012.09.23 15:54:20 | 000,001,203 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006sdm\loader-00.fbrb
[2012.09.23 15:55:00 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_006sr\loader-00.fbrb
[2012.09.23 15:55:41 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007cq\loader-00.fbrb
[2012.09.23 15:56:04 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007r\loader-00.fbrb
[2012.09.23 15:56:33 | 000,001,202 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007sdm\loader-00.fbrb
[2012.09.23 15:57:20 | 000,001,008 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\nam_mp_007sr\loader-00.fbrb
[2012.09.23 15:57:55 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_003_b\loader-00.fbrb
[2012.09.23 15:58:42 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_004_b\loader-00.fbrb
[2012.09.23 15:59:16 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_005\loader-00.fbrb
[2012.09.23 16:00:34 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_005_b\loader-00.fbrb
[2012.09.23 16:01:20 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_006\loader-00.fbrb
[2012.09.23 16:02:12 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_007\loader-00.fbrb
[2012.09.23 16:02:44 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_008\loader-00.fbrb
[2012.09.23 16:03:08 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_008_b\loader-00.fbrb
[2012.09.23 16:03:30 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_009\loader-00.fbrb
[2012.09.23 16:04:06 | 001,131,275 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_01\loader-00.fbrb
[2012.09.23 16:04:32 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_02\loader-00.fbrb
[2012.09.23 16:05:44 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_03\loader-00.fbrb
[2012.09.23 16:06:17 | 001,131,640 | ---- | M] () -- \Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\Package\levels\sp_04\loader-00.fbrb
[2013.12.13 04:24:18 | 000,051,504 | ---- | M] () -- \Program Files (x86)\Garena Plus\FileLoader.dll
[2013.12.13 04:24:20 | 002,941,232 | ---- | M] () -- \Program Files (x86)\Garena Plus\ggdownloader.dll
[2013.11.21 11:55:50 | 000,255,280 | ---- | M] () -- \Program Files (x86)\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2012.04.03 13:41:48 | 000,601,944 | ---- | M] () -- \Program Files (x86)\IObit\Advanced SystemCare 4\free-software-downloader.exe
[2010.09.07 17:50:54 | 000,002,001 | ---- | M] () -- \Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\assets\images\SpinLoader.png
[2010.11.02 12:36:12 | 000,000,404 | ---- | M] () -- \Program Files (x86)\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\assets\storeImages\layout\small_loader.gif
[2010.11.02 12:36:12 | 000,000,404 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.212\deploy\assets\storeImages\layout\small_loader.gif
[2012.08.30 09:09:48 | 000,000,404 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.212\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2012.10.12 22:35:16 | 000,000,404 | ---- | M] () -- \Program Files (x86)\Malwarebytes' Anti-Malware\Leage of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.220\deploy\assets\storeImages\layout\small_loader.gif
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 01:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.01.17 15:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.10.16 19:19:45 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011.01.17 18:07:52 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.10.16 19:19:57 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.11.19 11:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2012.03.15 22:18:45 | 000,132,096 | ---- | M] () -- \Program Files (x86)\The Elder Scrolls V Skyrim\skse_loader.exe
[2012.03.15 22:18:32 | 000,093,184 | ---- | M] () -- \Program Files (x86)\The Elder Scrolls V Skyrim\skse_steam_loader.dll
[2013.08.19 21:41:42 | 000,364,184 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.08.19 21:41:42 | 000,019,104 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{0D8FB055-C618-46B5-9A8C-83E5A14A37F0}\ExtensionLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{75A8CF3A-856D-45F6-8E69-1FABFC1D456B}\ExtensionLoader.dll
[2013.08.27 22:15:54 | 001,177,888 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{F7986530-F453-423B-8652-38113240C4FC}\ExtensionLoader.dll
[2011.05.28 21:04:04 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.12.19 16:47:16 | 000,084,642 | ---- | M] () -- \ProgramData\GarenaMessenger\update\12352\bbtalk\GarenaTalkLoader.exe
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.12.19 16:47:16 | 000,084,642 | ---- | M] () -- \Users\All Users\GarenaMessenger\update\12352\bbtalk\GarenaTalkLoader.exe
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.17 17:43:57 | 000,001,761 | ---- | M] () -- \Users\Patrik\AppData\Local\SRDownloader (1).err
[2011.10.17 17:44:10 | 000,001,336 | ---- | M] () -- \Users\Patrik\AppData\Local\SRDownloader (1).nast
[2011.11.10 17:14:12 | 000,001,825 | ---- | M] () -- \Users\Patrik\AppData\Local\SRDownloader.err
[2014.01.11 19:12:56 | 000,001,104 | ---- | M] () -- \Users\Patrik\AppData\Local\SRDownloader.nast
[2012.12.02 17:06:18 | 000,008,768 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage-journal
[2012.12.02 17:06:12 | 000,003,608 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.yourfiledownloader.com_0.localstorage-journal
[2014.03.04 21:33:49 | 000,001,870 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WRORFPM\AdLoader[1].htm
[2014.03.02 12:56:12 | 000,000,374 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WRORFPM\queryLoader[1].css
[2014.03.02 10:19:04 | 000,111,819 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C01LD3T8\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.03.04 21:33:50 | 000,112,122 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUWO41LK\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.03.02 10:19:03 | 000,001,870 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUWO41LK\AdLoader[1].htm
[2014.03.02 12:56:14 | 000,005,708 | ---- | M] () -- \Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUWO41LK\queryLoader[1].js
[2014.01.13 17:36:12 | 000,012,811 | ---- | M] () -- \Users\Patrik\AppData\Local\Overwolf\InstallerCache\preloader_3337.gif
[2012.06.07 20:16:04 | 000,010,145 | ---- | M] () -- \Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules\ExternalLibraryLoader.jsm
[2014.01.11 18:57:49 | 000,905,728 | ---- | M] () -- \Users\Patrik\Downloads\SRDownloader.exe
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.10.15 21:54:29 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.10.15 21:54:29 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.10.15 21:54:30 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.10.15 21:54:30 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.10.15 21:54:30 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 17:44:27 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.12.25 00:11:29 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\GarrysMod\bin\dmserializers.dll
[2007.10.24 23:13:45 | 000,000,039 | ---- | M] () -- \Program Files (x86)\Warcraft III\serial.txt
[2013.09.13 01:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 17:44:52 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.11.03 13:59:27 | 000,000,023 | ---- | M] () -- \ProgramData\Tages\100663909\Serial.txt
[2012.11.03 13:59:27 | 000,000,023 | ---- | M] () -- \Users\All Users\Tages\100663909\Serial.txt
[2013.10.17 19:00:19 | 000,011,864 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eserial.cz_0.localstorage-journal
[2012.11.03 14:00:32 | 000,003,608 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serialnumber.in_0.localstorage-journal
[2013.04.21 23:25:10 | 000,009,800 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_serials4you.cz_0.localstorage-journal
[2012.11.03 13:16:14 | 000,003,608 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.crackserialcodes.com_0.localstorage-journal
[2012.09.02 21:58:10 | 000,008,768 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.eserial.cz_0.localstorage-journal
[2012.08.08 01:54:52 | 000,006,704 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serials.be_0.localstorage-journal
[2013.06.06 21:41:39 | 000,003,608 | ---- | M] () -- \Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.smartserials.com_0.localstorage-journal
[2012.09.15 15:19:26 | 000,000,247 | ---- | M] () -- \Users\Patrik\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2012.06.09 22:02:50 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 15:11:38 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 17:33:29 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2013.08.19 09:13:26 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 15:05:09 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 17:40:10 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2013.08.19 09:59:32 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2014.02.27 12:52:37 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.27 12:52:37 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.27 12:52:45 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.27 12:52:45 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.28 10:18:02 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.28 10:18:02 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.02.28 10:20:25 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.28 10:20:25 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.28 10:21:42 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.02.28 10:21:42 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.02.28 10:23:43 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.28 10:23:43 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2009.07.14 16:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.05 02:54:38 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.14 16:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:54:42 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.14 16:17:25 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.10.15 21:54:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.15 21:54:05 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009.07.14 16:17:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009.07.14 16:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011.02.05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011.02.05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 16:16:38 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 16:17:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.14 16:17:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 16:17:13 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 16:17:32 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[Márty84]

Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001UA.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\SearchScopes\{08B12C70-0211-4662-AB5C-3932CC7D2F37}: "URL" = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=02A69977-7FB1-40E8-9CF3-1998F8037494&apn_sauid=00417759-DE15-47B3-8FE4-EDB260AF7735
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2012.06.17 11:08:16 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?clien ... 000YYCZ&q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc= ... =prefix&q={searchTerms},
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3482450746-3439478511-704641058-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[2012.04.03 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IObit
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[27 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\04f928f3d08c1b3ebb3d20634b77577f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\04f928f3d08c1b3ebb3d20634b77577f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\*.tmp -> ]
[2012.04.03 13:41:48 | 000,601,944 | ---- | M] () -- \Program Files (x86)\IObit\Advanced SystemCare 4\free-software-downloader.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_8225378E0CBE53D919F667FD55FC5A8D"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] /64

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[KebiQ]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Patrik
->Temp folder emptied: 11408962 bytes
->Temporary Internet Files folder emptied: 24402505 bytes
->Java cache emptied: 13570283 bytes
->FireFox cache emptied: 89523713 bytes
->Google Chrome cache emptied: 316860348 bytes
->Flash cache emptied: 1335 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 712704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1802 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42303664 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 476,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Patrik
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3482450746-3439478511-704641058-1001UA.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\Software\Microsoft\Internet Explorer\SearchScopes\{08B12C70-0211-4662-AB5C-3932CC7D2F37}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B12C70-0211-4662-AB5C-3932CC7D2F37}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\searchplugin folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\Plugins folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\META-INF folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\defaults folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\chrome folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} folder moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll not found.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3482450746-3439478511-704641058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\Users\Patrik\AppData\Roaming\IObit\Smart Defrag 2 folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\IObit Malware Fighter folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Users\Patrik\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31DB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9007.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE1AD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1747.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1D9D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1F23.tmp\System.Management.Automation.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1F23.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6F74.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8566.tmp\ehshell.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8566.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8F05.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB702.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB7E9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFAC4.tmp folder deleted successfully.
C:\Windows\Installer\MSI38C8.tmp deleted successfully.
C:\Windows\Installer\MSI3A8D.tmp deleted successfully.
C:\Windows\Installer\MSI3D1E.tmp deleted successfully.
C:\Windows\Installer\MSI3EE3.tmp deleted successfully.
C:\Windows\Installer\MSI3FBE.tmp deleted successfully.
C:\Windows\Installer\MSI407B.tmp deleted successfully.
C:\Windows\Installer\MSI4146.tmp deleted successfully.
C:\Windows\Installer\MSI4222.tmp deleted successfully.
C:\Windows\Installer\MSI44B2.tmp deleted successfully.
C:\Windows\Installer\MSI458D.tmp deleted successfully.
C:\Windows\Installer\MSI4698.tmp deleted successfully.
C:\Windows\Installer\MSI4773.tmp deleted successfully.
C:\Windows\Installer\MSI482F.tmp deleted successfully.
C:\Windows\Installer\MSI48FB.tmp deleted successfully.
C:\Windows\Installer\MSI4A05.tmp deleted successfully.
C:\Windows\Installer\MSI4D03.tmp deleted successfully.
C:\Windows\Installer\MSI4DBF.tmp deleted successfully.
C:\Windows\Installer\MSI4E6B.tmp deleted successfully.
C:\Windows\Installer\MSI4F47.tmp deleted successfully.
C:\Windows\Installer\MSI4FF3.tmp deleted successfully.
C:\Windows\Installer\MSI510D.tmp deleted successfully.
C:\Windows\Installer\MSI5256.tmp deleted successfully.
C:\Windows\Installer\MSI54A8.tmp deleted successfully.
C:\Windows\Installer\MSI565D.tmp deleted successfully.
C:\Windows\Installer\MSI84E9.tmp deleted successfully.
C:\Windows\Installer\MSIB984.tmp deleted successfully.
C:\Windows\Installer\MSIEA69.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\04f928f3d08c1b3ebb3d20634b77577f\BIT5BA7.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\05b4a7d02b418e51711898b100454b1e\BIT59B3.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\0646778436ce40c90a7cbc9dfd71cb7a\BIT980A.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\bbe0294f55923618944aeb5c3877f84c\BIT5E76.tmp deleted successfully.
File move failed. \Program Files (x86)\IObit\Advanced SystemCare 4\free-software-downloader.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_8225378E0CBE53D919F667FD55FC5A8D deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03102014_112412

Files\Folders moved on Reboot...
C:\Users\Patrik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. \Program Files (x86)\IObit\Advanced SystemCare 4\free-software-downloader.exe scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.





26.3. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975