Kontrola logu - vytížený PC

[Wellar]

OTL Extras logfile created on: 1.12.2013 11:20:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\makro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 69,20% Memory free
7,49 Gb Paging File | 6,14 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,12 Gb Total Space | 8,95 Gb Free Space | 1,99% Space Free | Partition Type: NTFS
Drive D: | 16,34 Gb Total Space | 2,32 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive G: | 357,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HP | User Name: makro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AFBBD0E-0AA6-4A41-9AE1-88C29B0EC6B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1AB55498-F005-4877-B2DF-662C8A392AFD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2BFB45EC-CFF3-4D3E-A2E6-C11F0F41D34E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2C98FE65-51D8-4700-B627-A2EC09A3241E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{315953BB-0CF1-477A-9DB5-8F521C631225}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36365E59-20FB-42EA-9101-A9C1BF1AF38B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36DBCFCC-43FE-4737-A108-AEA2BFCD9D2D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42D12D76-8708-4244-A41F-B8C9413BA0D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{44E175D5-AFF7-413A-BAEB-B97A9D7241E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45A454FE-0E47-43A6-8F84-66F2AE7B938F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E732EB1-AFBF-4181-B992-F5B1605C6B80}" = rport=445 | protocol=6 | dir=out | app=system |
"{5861E847-77D9-4353-A99E-916015D0F2BA}" = lport=137 | protocol=17 | dir=in | app=system |
"{5A8390C4-B152-4486-AAED-5B66931B7082}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E5DF3B0-5143-4A84-8DBD-A6C010BC90AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7E2EE1A4-9006-42E6-A2D2-945122A984B4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7E5EEB8B-26D9-4842-9B75-DF5D6AA69BD2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7E634EF3-B623-46B8-84BA-C2C47D448081}" = lport=2869 | protocol=6 | dir=in | app=system |
"{893C4C69-B970-472F-B15B-9DEEFA07B4D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D6ACB80-5770-4B21-80FB-165620413866}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F039253-55B8-4FFD-AD8F-1B1B1B0B6DF2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{953D85E3-8502-4FDE-AD5E-A2D5F0B6AE16}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ACCAEBAC-CA2B-4989-A884-8351AC75EE8B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B144319E-990E-4AE9-90BF-78B3162980FE}" = lport=139 | protocol=6 | dir=in | app=system |
"{BB1D05E8-39A1-4CAE-80D4-AD01AD038796}" = rport=138 | protocol=17 | dir=out | app=system |
"{C16A9EF8-0C66-40A5-AF0A-F61EDCE38AF6}" = lport=138 | protocol=17 | dir=in | app=system |
"{C16D1DC5-FA8E-459A-8998-53DE1AAA3890}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA617676-1945-4109-A3C4-ADBAC6E49697}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC43D96A-2B06-4AD7-971E-8AA177243193}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD654ECB-080A-4B03-8A45-E8BB1B27B849}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF5D03C0-6EB9-48C6-8D52-828B72ACDAA8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E0EABF1D-ADFE-4E3A-B1D7-FC2C0BA9DC47}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EFC63C23-1240-4D4D-B65B-E40DF1011DEC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F01944ED-AC1B-4C2A-9BA1-9147902CE90C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F7F20B99-C9F4-4D67-90F0-CDEBE177B129}" = rport=139 | protocol=6 | dir=out | app=system |
"{F97526E5-C00F-4766-86DA-810393C64220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015D8FFA-68A6-48B8-9D40-423DF2E0C936}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{04BD7364-6C1E-44E6-AD6D-597EDF379DDB}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{04CB9F0D-D9A0-41A4-892C-C3F9872AA1BD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{04EDA9AC-8B3B-48E8-B579-91A1B8B7EE02}" = protocol=6 | dir=in | app=c:\users\makro\warcraft\warcraft iii\wdd.exe |
"{06581A4C-50EB-491C-8F4D-61239727DA0A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{0C8AFEAC-C340-49D5-A02E-8D070029EE29}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{0E4160BA-9D89-4117-8F4B-1FD021A16BC9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe |
"{0E841F9A-572E-4F18-B511-1AC01CC1B19E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0FA9F0FB-85BE-4168-AE00-28713F6F1D64}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{1A36F3B5-5CBB-4F7B-9B7F-2AD459AB0748}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1A86D127-8B53-4915-930C-86EFDF330002}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1B764DF0-6C64-40CD-A11C-5FC67B117E4E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1C7AB9AB-245A-4671-B3CE-09FF5FFCE0B0}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{1F34893C-6967-42F2-ABDB-E60C032DC775}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F715747-67EB-4A9A-A01F-E668E84476CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22324AFD-6D70-4F36-B7B6-BE4BB4F86E80}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2837F030-DC8B-45B1-8982-6A971703403F}" = protocol=6 | dir=in | app=c:\users\makro\desktop\castle story\castle story prototype.exe |
"{2B46E6A5-EE2E-4449-BD4A-0F85EBDA934C}" = protocol=17 | dir=in | app=c:\users\makro\desktop\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{2CF9FB69-6343-4720-B0DE-19A9BD91B9EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2D0CAAE1-C64A-4EA7-997C-9799DB9F2670}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{3088BAFE-93E3-447C-A6B3-F180A40ED34C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31156936-E089-4DAD-A3C5-DFC6886D9ADD}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{31979B67-AB43-452B-94A0-6641AC00A150}" = protocol=6 | dir=in | app=c:\users\makro\desktop\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{38DF5665-F5A1-43BF-BD11-A782887D95A1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3BFA2C26-B41E-4CEE-9681-FEDF6389D19D}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{3CEC7820-A5A8-46F4-BEFA-A28B1CC9F542}" = protocol=17 | dir=in | app=c:\program files (x86)\counter strike source\hl2.exe |
"{441A2B4C-68E7-4440-913E-9A0F36EB8274}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{453C9C30-F6FA-4B62-A8ED-52DE03EE7635}" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"{45E60516-C80F-4CFA-82DF-50E61068357C}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{46FBAB70-B469-41F8-9BB1-15E189884E16}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{4B17AF62-E269-4648-B8B1-32968158C79C}" = protocol=17 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
"{4B97E9E9-7FD3-48A0-95DB-5B21BC5F64B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{52D3D543-E5FC-4321-B834-1001C7F0D26C}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{5735B005-25FD-4124-96EC-CEEA43B15673}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5773AC46-53A6-423B-8650-087E2F8D2089}" = protocol=17 | dir=in | app=c:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"{5AA75AFE-9FDA-4D8C-AE4F-A4A2485C4684}" = protocol=6 | dir=out | app=system |
"{5B203267-CD5F-471A-A17E-1C6D6C924252}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{5EBAB9FA-C571-42AA-A2CF-717AAAA938D8}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{66865B56-0994-4AE1-8E84-E0DA3945CB5A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{66A81587-F821-4B07-828B-D59A26EC09C5}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{6CF64FB9-8B95-4982-AB80-2B070A8AE8A9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7574A0EA-0AF3-4678-AC5B-0BB99D6B52B9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{759B6E4C-1B41-4B5B-BAE0-0E29696F9B92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76EC4EE3-D10A-4BAC-BD8E-DE9FE6BE1B9C}" = protocol=6 | dir=in | app=c:\program files (x86)\counter strike source\hl2.exe |
"{779C4594-F093-4FC1-A054-DF3CCE925B5F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{780FEC2C-92A9-4CC7-B6D6-E363B435FC09}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{7A3ED8D7-EED0-4C19-BFE2-18A8F022C2B2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{7B0B6F30-6D09-447A-B48F-905050BE33F9}" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"{80692BF7-AB01-43C8-A27B-D3B8774DE005}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{80A1D436-59F2-464D-ADA0-12B15D47C7BD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{82A2095C-84E2-4FC0-8A02-A7E98F5B032F}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{835B6862-BEAC-4656-8784-70055BA90E54}" = protocol=17 | dir=in | app=c:\users\makro\desktop\world of warcraft\launcher.exe |
"{841BF607-C5C9-4948-8D2C-A0B1FB4DFD4B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{843D1F1D-D7C8-4ABE-AC94-F274942DDE2F}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{85AD4B4A-5C02-4E03-8DC4-3E2590950A14}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{85D2E111-E107-460E-B261-3537BD55AC91}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{89319932-E055-4F9D-839B-99C2AC826817}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{8AA1043C-E738-40F6-B2C0-FF16A2CF8A65}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8C21602A-BC8B-4DE6-AF7F-DC6B754EE592}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{8D97C1E7-A35D-4EDD-A3FA-657975214FAA}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{911B37EE-7077-443B-8F27-D1BEC7339BEF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{927EB604-DCE6-4F42-A113-3ABC53C8001D}" = protocol=6 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
"{943A8D1E-9293-4182-AC88-E1F21B0BBB72}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{94788761-35AF-449C-BACB-6B35C3D2B552}" = protocol=6 | dir=in | app=c:\users\makro\desktop\world of warcraft\launcher.exe |
"{958706B7-B793-425E-9569-2A86C003CEA0}" = protocol=6 | dir=in | app=c:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"{963D3169-7011-4F83-984E-7B04B67F26B5}" = protocol=17 | dir=in | app=c:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe |
"{9661FF96-33CF-49CF-853D-67D47FCA6C1E}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{96FCB764-329C-4CEF-979B-DBCF186B26E9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97263526-7097-49A8-A8EE-90F4ABFC9211}" = protocol=17 | dir=in | app=c:\program files (x86)\farming giant\farminggiant.dll |
"{984DA102-CA6F-4C88-ABC1-34A2916E983F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9E30459C-94FC-47B0-84DB-12EBCF0D6FDD}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{9FFA0240-9834-4291-B742-D724175EE928}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\aces.exe |
"{A22C1743-B97A-4E0F-AA17-BA49D5490CA8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{A3D65096-A4E4-4571-B33D-0C8C946037AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A4713DFD-4BE5-4FD7-91DB-99EAF72D23E4}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{A6B93937-1DA1-48FC-9F15-C01E4E0FBACA}" = protocol=17 | dir=in | app=c:\king arthurs gold beta 825\kag.exe |
"{A8924D2D-53CB-4E53-A43F-4F688CB87FE3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{A9A5041A-C242-470C-BEEC-03C2C0017FE8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{A9B584E1-5DFC-4911-B0DB-BE8A9E3757C4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{A9F65DCE-30B6-4BF5-87CF-C12A0A90D73B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ABA6BD4F-8006-49D6-998D-6184ABA095CB}" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"{AC5FB731-092E-4333-B2DF-A113A209455B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AC857DAF-0FF7-48F7-A85A-51FFB7801E35}" = protocol=17 | dir=in | app=c:\users\makro\warcraft\warcraft iii\wdd.exe |
"{AD5C2F8A-9AD5-4C12-8526-59A33A70D89C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B30F67DE-F302-415C-82C6-6EDF2D87EAC4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B5E900FE-D07D-4364-A17C-717CC0BF195E}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{B68EE52B-5FB3-4A2C-AD09-6FBF6D100E1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B990AC7A-51B7-4B77-9FDF-03B6B20BD03E}" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\game\thehunter.exe |
"{BDABB4F1-934C-4E05-9CAA-5BBCF194532A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BEDAB82A-52DB-4110-8274-A57D959AFCA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C316C44D-A9EF-4A14-AD79-C5C41B65F7DB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{C41DF19F-77F7-43D7-8340-5C474F168FA3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{C51288F4-2BA8-4C8E-8491-840AD807A0A4}" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"{C87F3E31-61A7-42C6-98DC-C753B60BC289}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{C8C61E9A-F669-4EA7-AA84-CC876E8DE2FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8E9593C-EB6A-4CFC-8671-2E8D640AC458}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{C90E25AB-0B6F-4D0C-AE25-9B86713EC7DD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-downloader.exe |
"{C9BEBBC3-D23A-4394-8D88-52D71B489369}" = protocol=6 | dir=in | app=c:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe |
"{C9DD569E-E8E5-447E-BCB2-D529E020861B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA2D37AC-0CF9-4306-821E-EE68B18E1F76}" = protocol=6 | dir=in | app=c:\program files (x86)\farming giant\iupdate.dll |
"{CC2755C8-82FC-4295-AFB2-44E455E3CCF6}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{CCFC85A4-7358-43F8-840A-89CEBD2BFA09}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{CEB1D6EF-40FF-4723-AEE0-323CB4F244D5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D1614DBC-E91F-45D7-A97B-84D3E9E39A1D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{D4C90BA5-A28E-4D33-BC1A-BD48D702A620}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D546D116-6D1C-4727-BA87-0ACFEA4588D3}" = protocol=17 | dir=in | app=c:\users\makro\desktop\castle story\castle story prototype.exe |
"{D598FE0B-4E76-4F72-B17E-EB58E4CC8525}" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\game\thehunter.exe |
"{D6FADE01-0DA4-4DBC-B91D-C24B835AD1E9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D74F658F-59D5-43D3-9930-6F10409808B7}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{D7A9A543-9BC2-4808-9AF9-DA1112CE6F4D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DD223462-5CB5-46C6-8DDD-F2F5B8C2B9C3}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{DE1E7A25-39A6-4CCA-9CED-1265567822D8}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{DE73923B-15AD-4434-9E92-E67107EB8378}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{DEB450E5-62CE-4FEE-8D3C-AA56ECEF5359}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DEDB162C-7C70-4FC4-8580-C670375A4BC1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{E0FB2562-1D14-48C8-8794-349ACAA6A1D6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E1815ECF-53DC-405D-9ACF-6D073F3B54CF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E1F63952-C3A6-48CB-9809-3286754479AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E3A9235C-611E-4DE3-B7F0-2C0BE33D8239}" = protocol=17 | dir=in | app=c:\program files (x86)\farming giant\iupdate.dll |
"{E41B2390-62ED-4625-BB1F-DF0C8232BC52}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4CFD853-A642-4086-9DD7-8EF06F3AD76C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E53D934D-8B22-478D-8CA2-E2E771CEC912}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{E5CEB8FA-3F20-4614-B05E-42BB8B540FD0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F02473B7-7F17-4CC3-B2D0-1E5BB3F60F6D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{F16F34EB-FBC6-4074-B979-8CAA364AC68E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F4239D80-F2E3-471C-85A5-9F4A6EC0F518}" = protocol=58 | dir=in | app=system |
"{F49E0EDA-62D7-40BD-B4F7-71C76977697E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F5F0D3D9-A2D2-46D0-9559-F4C51534684A}" = protocol=6 | dir=in | app=c:\king arthurs gold beta 825\kag.exe |
"{F835DD53-B42D-41FF-AB2B-C8779EB390CD}" = protocol=6 | dir=in | app=c:\program files (x86)\farming giant\farminggiant.dll |
"{FC66D47C-6F8F-4723-B632-A8C291D0237B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FDD5A744-321B-465B-B41E-C14ECAC6F609}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe |
"{FE75BF04-98E8-46F9-A9A0-B5E07B27CBD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{0F73C4C2-317A-44F2-94EB-D79575B24E45}C:\program files (x86)\thehunter\game\thehunter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\game\thehunter.exe |
"TCP Query User{3B431FCD-80CE-40C2-8F09-B490D4783C8D}C:\users\makro\desktop\drmless\emulator\start.exe" = protocol=6 | dir=in | app=c:\users\makro\desktop\drmless\emulator\start.exe |
"TCP Query User{4B5271A7-8D59-46AF-84C0-18AD391475FE}C:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe" = protocol=6 | dir=in | app=c:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe |
"TCP Query User{5EFB6F15-CC5A-41BF-BD4A-11EDFCB0ACA2}C:\drmless\emulator\start.exe" = protocol=6 | dir=in | app=c:\drmless\emulator\start.exe |
"TCP Query User{66DEDC9F-BD45-454B-8802-BA33FFA90AA8}C:\king arthurs gold beta 825\kag.exe" = protocol=6 | dir=in | app=c:\king arthurs gold beta 825\kag.exe |
"TCP Query User{6D7BB0A2-A030-4D6B-B364-B0B264656A6D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{77892F17-5011-4213-A25E-7CED034E26A8}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{7CA19FED-EA69-406E-9DD8-67CB3F859FF0}C:\users\makro\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\makro\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{7D17A2E1-657D-45E4-9623-C7336B07ACB8}C:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=6 | dir=in | app=c:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"TCP Query User{80BF3590-47B3-4AA4-8B27-5C581A38200D}C:\windows\syswow64\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"TCP Query User{95FE3BF4-A9C9-4CA7-A7E9-BBB9B8FBD129}C:\program files (x86)\counter strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter strike source\hl2.exe |
"TCP Query User{AB389AD7-E9D0-4EF3-A329-69FA337C79CD}C:\users\makro\warcraft\warcraft iii\wdd.exe" = protocol=6 | dir=in | app=c:\users\makro\warcraft\warcraft iii\wdd.exe |
"TCP Query User{AE8A2100-C66E-48E4-A564-CBB529F86817}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B793AFCC-F435-4FEE-9A2C-44180438C292}C:\users\makro\desktop\castle story\castle story prototype.exe" = protocol=6 | dir=in | app=c:\users\makro\desktop\castle story\castle story prototype.exe |
"TCP Query User{D0184876-7A80-4C51-85F1-CE0362BBDC6E}C:\nfsug2\speed2.exe" = protocol=6 | dir=in | app=c:\nfsug2\speed2.exe |
"TCP Query User{D674C99B-B5BF-47FE-AAC9-A3C72DADA6D1}C:\program files (x86)\wrc 4 fia world rally championship\wrc4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wrc 4 fia world rally championship\wrc4.exe |
"TCP Query User{D9717892-C90A-4475-86E2-A4D0F29EFA73}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
"TCP Query User{E339C6AA-E6B5-4862-A47B-A32FFBE1519F}C:\program files (x86)\mozilla firefox\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\hl2.exe |
"TCP Query User{E9246080-7E97-4685-802D-BEA3FE006505}C:\users\makro\desktop\drmless\emulator\apache\httpd.exe" = protocol=6 | dir=in | app=c:\users\makro\desktop\drmless\emulator\apache\httpd.exe |
"TCP Query User{EA0BB54E-9ECE-4947-AB65-3EA3209B4149}C:\users\makro\downloads\drmless\emulator\apache\httpd.exe" = protocol=6 | dir=in | app=c:\users\makro\downloads\drmless\emulator\apache\httpd.exe |
"TCP Query User{ECD74A11-06DB-4FE5-8C2B-A7B2FE197525}C:\users\makro\downloads\drmless\emulator\start.exe" = protocol=6 | dir=in | app=c:\users\makro\downloads\drmless\emulator\start.exe |
"TCP Query User{EE734ED1-6088-4110-8E09-2012CCE8DE31}C:\drmless\emulator\apache\httpd.exe" = protocol=6 | dir=in | app=c:\drmless\emulator\apache\httpd.exe |
"TCP Query User{FC8D139B-C457-4B3C-9AF7-C99E4A75AEA0}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{0C8CACCF-0077-496E-BDA9-C73C92416A4F}C:\users\makro\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\makro\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{1FA57AA0-6E95-442F-A726-D2B5282065F5}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
"UDP Query User{233CC82D-EFAD-435B-A418-28D558993606}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{2694BB48-F9FB-4DFD-83D4-094A1C30FD5A}C:\program files (x86)\wrc 4 fia world rally championship\wrc4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wrc 4 fia world rally championship\wrc4.exe |
"UDP Query User{2FC969CE-2FC2-4037-88DA-26519A15EDCB}C:\king arthurs gold beta 825\kag.exe" = protocol=17 | dir=in | app=c:\king arthurs gold beta 825\kag.exe |
"UDP Query User{3F3C05EB-5F50-4B78-AE99-2D18A76F64E2}C:\users\makro\warcraft\warcraft iii\wdd.exe" = protocol=17 | dir=in | app=c:\users\makro\warcraft\warcraft iii\wdd.exe |
"UDP Query User{42620F0E-AFE5-49D5-8BAA-10A38825765D}C:\users\makro\desktop\drmless\emulator\apache\httpd.exe" = protocol=17 | dir=in | app=c:\users\makro\desktop\drmless\emulator\apache\httpd.exe |
"UDP Query User{4AD57334-040F-461C-83A6-C47E7205DC25}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4D41B83B-FA75-4BB0-9CCC-763EADFE8226}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{58884BAB-29D2-41EB-9428-82E8485102E7}C:\program files (x86)\mozilla firefox\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\hl2.exe |
"UDP Query User{70EBBCFE-A169-402D-AEFB-D07D5CF68E2C}C:\users\makro\downloads\drmless\emulator\apache\httpd.exe" = protocol=17 | dir=in | app=c:\users\makro\downloads\drmless\emulator\apache\httpd.exe |
"UDP Query User{85A7056B-D04F-483E-83FF-FEE25F7E8B9D}C:\nfsug2\speed2.exe" = protocol=17 | dir=in | app=c:\nfsug2\speed2.exe |
"UDP Query User{89412375-6BEE-4D02-ACA9-ECF0835C0B4F}C:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe" = protocol=17 | dir=in | app=c:\users\makro\downloads\spacebase df-9 alpha 1b hotfix\space.exe |
"UDP Query User{8E05FA47-C148-4949-A97C-555BD8ECA40B}C:\windows\syswow64\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\rundll32.exe |
"UDP Query User{9F4FEB0B-1FE7-41CE-B251-331AB83F5040}C:\drmless\emulator\apache\httpd.exe" = protocol=17 | dir=in | app=c:\drmless\emulator\apache\httpd.exe |
"UDP Query User{A1ECABFD-E62C-475F-B5D3-DE29EDE2D543}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{ABD19E47-B204-4F47-A0AF-FF47529B9F7D}C:\drmless\emulator\start.exe" = protocol=17 | dir=in | app=c:\drmless\emulator\start.exe |
"UDP Query User{B2886D4E-58A2-47A6-BD50-3EDED44C50AA}C:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe" = protocol=17 | dir=in | app=c:\users\makro\appdata\local\play withsix\tools\mingw\bin\rsync.exe |
"UDP Query User{BA7AB7A1-EED2-4ED6-86B6-3F5721DCFCB4}C:\users\makro\downloads\drmless\emulator\start.exe" = protocol=17 | dir=in | app=c:\users\makro\downloads\drmless\emulator\start.exe |
"UDP Query User{CA282EAA-85DE-48B0-9C4F-3744E3547D8C}C:\users\makro\desktop\drmless\emulator\start.exe" = protocol=17 | dir=in | app=c:\users\makro\desktop\drmless\emulator\start.exe |
"UDP Query User{D9972FA5-CA94-4A90-9C3A-57F1174EC503}C:\users\makro\desktop\castle story\castle story prototype.exe" = protocol=17 | dir=in | app=c:\users\makro\desktop\castle story\castle story prototype.exe |
"UDP Query User{DE6135BD-B08B-48C1-8F72-C4D84886B1B8}C:\program files (x86)\counter strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter strike source\hl2.exe |
"UDP Query User{E6C172D3-8EDB-45E6-B3AE-DE3F11369BF3}C:\program files (x86)\thehunter\game\thehunter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\game\thehunter.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E990336-E620-4B14-A7B4-4DA369330355}" = HP Wireless Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{2C43E67B-0CDC-48BE-A374-23BEB0E48A72}" = AVG 2013
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}" = MSVCRT Redists
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E0A6C0AA-8580-82CF-3D5F-5F32F8DE9A01}" = ccc-utility64
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}" = AMD Catalyst Install Manager
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

[Reklama]

[Wellar]

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{093B1CF6-C00F-BD98-A8B7-C20D0AB36074}" = Catalyst Control Center Graphics Light
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D901B50-9D9C-64A2-136E-7CC4DD9FBDB4}" = CCC Help German
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F733E11-408E-11E1-B5FE-F04DA23A5C58}" = MSVCRT Redists
"{109D28DA-E555-4896-BF22-E312F764562C}_is1" = Lowrider Extreme
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1" = FTL version 1.01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{303D7F80-2108-9679-149F-64A7AEF13C26}" = CCC Help Czech
"{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D9106C-A947-47ED-B4AB-764736350769}" = Minecraft
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3B7301EA-5833-CDAC-E4A4-6442EEDEBD87}" = CCC Help Korean
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3CD48ADA-3A4F-999C-2BAA-64DF229FF839}" = CCC Help Turkish
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{553EFB44-564E-2F68-9A24-A59765B81000}" = CCC Help Russian
"{5D56E2B2-432B-403D-AE4B-EF57A0F5B95C}" = HP Software Framework
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{671BF921-422D-BA7E-5158-5264ACE51C9D}" = CCC Help Portuguese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797D1DB3-BA0F-4A2D-9F99-5D2C09D0A7FE}" = Car Tycoon
"{7A65C27A-830B-77E6-43D1-52F236AF9A16}" = CCC Help Greek
"{7F75DDF4-09D6-7ED2-8DA9-61F0B57FCF81}" = CCC Help Dutch
"{8064A439-ACA7-3E32-3630-FC22155FEB4E}" = CCC Help English
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{810005FC-9F35-5EAB-1479-B1E7DEAB44D5}" = CCC Help Norwegian
"{820F8A24-8C77-3B64-D90A-C23D211BEDA9}" = Catalyst Control Center Graphics Previews Common
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89C0094C-9508-6BE5-8445-4ADDC9BD2681}" = CCC Help Italian
"{8A9FC225-75F6-4B5D-911C-0ED230565643}" = HP Product Detection
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DAD8A5E-6B6A-C4DC-D2A7-02CD66702F31}" = Catalyst Control Center Core Implementation
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EEA74DA-5E7E-5E51-817C-FFAEACEBF3B3}" = CCC Help Chinese Traditional
"{8F8EDCB5-1042-4598-D413-1DD04FC7EA27}" = CCC Help Hungarian
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91CD08AA-5402-4C64-A9CA-C7B4A479C003}_is1" = Counter Strike Source v1.0.0.34
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{96EB53BC-8225-A97A-FF5C-B33F85DD5B86}" = CCC Help French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBDA769-3D13-095F-77BA-35AED9D54D4C}" = CCC Help Thai
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A11E24AD-A7EB-78C9-F792-AD9CDDB8B651}" = Catalyst Control Center InstallProxy
"{A1F96D83-8020-49DE-880D-2FDB8BC3263D}" = Amazing Zombie Defense
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB418F5A-4AB2-999B-19EA-8BB9C311B70C}" = Catalyst Control Center Graphics Full Existing
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1. - Czech
"{B360E24A-BF25-4353-AA79-1B54F509024A}" = HP Documentation
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7EB794A-5A36-4CB0-90D9-BD0E786972D4}" = LogMeIn Hamachi
"{BCE6F36E-4FA9-C700-CA8F-04EE0702FB32}" = CCC Help Spanish
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5755376-76B8-52F7-7357-3E7CA61C7168}" = CCC Help Finnish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA12CCA6-A4C8-5796-C29E-4ADA9E5DE596}" = Catalyst Control Center Graphics Previews Vista
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE0F869E-2504-4F92-2BD2-DD996E7010B7}" = CCC Help Danish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CB8122-63AF-D5C8-299F-C67A1EF343C3}" = CCC Help Polish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEEF336C-5C79-3846-7AD1-7693CCA99659}" = CCC Help Chinese Standard
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6E7A082-A47D-7059-ACBD-36FDA02695EC}" = Catalyst Control Center Graphics Full New
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.44
"{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.195
"{EF83E9E7-FFE9-B86A-94C9-95D8F5EF2320}" = Catalyst Control Center Localization All
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0CDD8A0-5E3B-F975-AA54-C725477E5067}" = ccc-core-static
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FD71BC19-4A59-75F5-E4EF-4AEC3E6BF12E}" = CCC Help Japanese
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEC06A8C-01A7-5CF5-923F-CD2D34229E4B}" = CCC Help Swedish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Any Video Converter_is1" = Any Video Converter 3.3.7
"Artemis" = Artemis Artemis
"Audacity_is1" = Audacity 2.0.2
"avast" = avast! Free Antivirus
"AVG PC Tuneup 2011_is1" = AVG PC Tuneup 2011 10.0.0.24
"Battle.net" = Battle.net
"BitTorrent" = BitTorrent
"Cannons Lasers Rockets" = Cannons Lasers Rockets
"Cinema Tycoon 2 Movie Mania1.0" = Cinema Tycoon 2 Movie Mania
"Civilization V 1.0.1.705" = Civilization V 1.0.1.705
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Desura" = Desura
"Desura_90074054131744" = Desura: CLR: cannons lasers rockets
"DLC Quest_is1" = DLC Quest
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Farming Giant" = Farming Giant
"FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1" = theHunter Launcher
"FormatFactory" = FormatFactory 3.00
"GetPrivate" = GetPrivate
"GOGPACKPAPERSPLEASE_is1" = Papers, Please
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"Hearthstone" = Hearthstone
"HeavyLoad_is1" = HeavyLoad V3.2
"HyperCam 2" = HyperCam 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"King Arthurs Gold - BETA v825_is1" = King Arthurs Gold - BETA v825 version 0.0.0.9
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Standard)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mobogenie" = Mobogenie
"My HP Game Console" = HP Game Console
"OpenAL" = OpenAL
"Origin" = Origin
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"Q2l0aWVzIGluIE1vdGlvbiAyIChjKSBQYXJhZG94IEludGVyYWN0aXZl_is1" = Cities in Motion 2 (c) Paradox Interactive version 1
"R2FtZURldlR5Y29vbnYxMzI=_is1" = Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1
"Razer Game Booster_is1" = Razer Game Booster
"Rogue Legacy_is1" = Rogue Legacy version 0.0.0.9
"RPGVXAce_E_is1" = RPG MAKER VX Ace
"RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP
"SkypEmoticons_is1" = SkypEmoticons
"Spelunky HD 1.0" = Spelunky HD 1.0
"Super Meat Boy v1.5_is1" = Super Meat Boy v1.5
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 8" = TeamViewer 8
"Tunngle beta_is1" = Tunngle beta
"V1JDNEZJQVdvcmxkUmFsbHlDaGFtcGlvbnNoaXA=_is1" = WRC 4 FIA World Rally Championship
"Volgarr the Viking v2.0.0.1 1.0" = Volgarr the Viking v2.0.0.1 1.0
"Warcraft III" = Warcraft III
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"World of Warcraft" = World of Warcraft

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for makro
"c8c75cfa6b8b223c" = Twinstar-Launcher
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.11.2013 9:43:08 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.17514, časové
razítko: 0x4ce7abf9 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247,
časové razítko: 0x521eaf24 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000506dd
ID
chybujícího procesu: 0x40c Čas spuštění chybující aplikace: 0x01cee919122c54a9 Cesta
k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 599d04da-550e-11e3-8022-70f395d3b71b

Error - 24.11.2013 9:43:57 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko:
0x4445c334 Název chybujícího modulu: filesystem_steam.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x47e2d72b Kód výjimky: 0xc0000005 Posun chyby: 0x007e553e ID chybujícího
procesu: 0x438 Čas spuštění chybující aplikace: 0x01cee91a67bc7dc4 Cesta k chybující
aplikaci: C:\Program Files (x86)\Counter Strike Source\hl2.exe Cesta k chybujícímu
modulu: filesystem_steam.dll ID zprávy: 770b23f3-550e-11e3-8022-70f395d3b71b

Error - 24.11.2013 10:19:56 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko:
0x4445c334 Název chybujícího modulu: filesystem_steam.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x47e2d72b Kód výjimky: 0xc0000005 Posun chyby: 0x003c553e ID chybujícího
procesu: 0x10b4 Čas spuštění chybující aplikace: 0x01cee91ba9883ed3 Cesta k chybující
aplikaci: C:\Program Files (x86)\Counter Strike Source\hl2.exe Cesta k chybujícímu
modulu: filesystem_steam.dll ID zprávy: 7de3ffd6-5513-11e3-88ce-70f395d3b71b

Error - 28.11.2013 7:39:59 | Computer Name = HP | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary 4198943drv.

System
Error: Systém nemůže nalézt uvedený soubor. .

[ Hewlett-Packard Events ]
Error - 10.5.2013 11:29:44 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051310052933.xml
File not created by asset agent

Error - 31.5.2013 11:30:44 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051331053038.xml
File not created by asset agent

Error - 7.6.2013 11:04:32 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061307050427.xml
File not created by asset agent

Error - 14.6.2013 11:38:00 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061314053748.xml
File not created by asset agent

Error - 5.7.2013 11:08:07 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = cs-CZ Byla vyvolána výjimka typu System.Exception. HP.SupportFramework

v HP.SupportFramework.HPSFReporting.Reporting..ctor() v HP.ActiveSupportLibrary.Issues.HPSFSession..ctor(LaunchPoint
lp) v HPAssistant.HPAMain.Window_Loaded(Object sender, RoutedEventArgs e) v
System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) v System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) v System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) v System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) v System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) v System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(Object
root) v MS.Internal.LoadedOrUnloadedOperation.DoWork() v System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

v System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() v System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) v System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) v System.Windows.Media.MediaContext.Resize(ICompositionTarget
resizedCompositionTarget) v System.Windows.Interop.HwndTarget.OnResize() v
System.Windows.Interop.HwndTarget.HandleMessage(Int32 msg, IntPtr wparam, IntPtr
lparam) v System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr hwnd,
Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) v MS.Win32.HwndWrapper.WndProc(IntPtr
hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) v MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object
o) v System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) v System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 10.7.2013 0:33:02 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071310063259.xml
File not created by asset agent

Error - 16.8.2013 11:49:21 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081316054918.xml
File not created by asset agent

Error - 6.9.2013 11:49:15 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091306054910.xml
File not created by asset agent

Error - 13.9.2013 11:12:11 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091313051206.xml
File not created by asset agent

Error - 4.10.2013 11:18:29 | Computer Name = HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101304051824.xml
File not created by asset agent

[ HP Wireless Assistant Events ]
Error - 5.8.2013 9:57:29 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 6.9.2013 0:27:51 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 20.9.2013 15:31:39 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 25.10.2013 13:35:42 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 26.10.2013 5:39:00 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 2.11.2013 3:21:43 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 7.11.2013 10:39:53 | Computer Name = HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 12.11.2013 2:52:38 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 14.11.2013 2:07:51 | Computer Name = HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 v HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 24.11.2013 5:31:40 | Computer Name = HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

[ System Events ]
Error - 29.11.2013 7:08:02 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Wireless Assistant Service neuspěla při spuštění v důsledku
následující chyby: %%31

Error - 29.11.2013 10:27:08 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Andrea RT Filters Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 29.11.2013 10:27:08 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Easybits Services for Windows neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 30.11.2013 3:23:17 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Andrea RT Filters Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 30.11.2013 3:23:17 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Easybits Services for Windows neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 30.11.2013 3:27:16 | Computer Name = HP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby HP Health Check Service bylo dosaženo
časového limitu (30000 ms).

Error - 30.11.2013 3:27:16 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba HP Health Check Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 30.11.2013 9:33:32 | Computer Name = HP | Source = Service Control Manager | ID = 7034
Description = Služba Skype C2C Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 1.12.2013 3:41:05 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Andrea RT Filters Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 1.12.2013 3:41:05 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Služba Easybits Services for Windows neuspěla při spuštění v důsledku
následující chyby: %%2


< End of report >

[Wellar]

OTL logfile created on: 1.12.2013 11:20:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\makro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 69,20% Memory free
7,49 Gb Paging File | 6,14 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,12 Gb Total Space | 8,95 Gb Free Space | 1,99% Space Free | Partition Type: NTFS
Drive D: | 16,34 Gb Total Space | 2,32 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive G: | 357,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HP | User Name: makro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\makro\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WiseBootAssistant) -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe (WiseCleaner.com)
SRV - (Guard.Mail.ru) -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
SRV - (AdvancedSystemCareService6) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{EF1D2894-1012-415E-A5BB-9DFCCA32B0A3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\makro\AppData\Local\Roblox\Versions\version-394f11f19cd64b1a\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\makro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.11.22 11:45:50 | 000,000,000 | ---D | M]

[2013.05.07 14:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.14 12:06:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\makro\AppData\Local\Roblox\Versions\version-8484f0d4199b4d0f\\NPRobloxProxy.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: Skype Click to Call = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Battlefield Play4Free = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\

O1 HOSTS File: ([2013.11.29 12:06:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe ()
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\1242ee6e-df61-4840-9e2d-5540cd5a94ae.exe (AVAST Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GetPrivate] C:\Program Files (x86)\GetPrivate\GetPrivate.exe ()
O4 - HKLM..\Run: [ISUSScheduler] c:\program files (x86)\common files\installshield\updateservice\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ISUSPM Startup] c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [LightScribe Control Panel] c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe (Hewlett-Packard Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F12B883-BFD1-4712-8399-3C2D49E10AB7}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB0D2EB-FEA1-47E9-A61E-6885D81B24BA}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2DC8F44-637A-4BFE-A49B-B5FCB82B45C3}: DhcpNameServer = 217.77.165.81 217.77.161.131
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.12.01 08:41:30 | 000,041,619 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O32 - AutoRun File - [2001.12.18 07:51:40 | 000,000,027 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.12.01 11:18:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\makro\Desktop\OTL.exe
[2013.12.01 11:17:41 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Users\makro\Desktop\OTC (1).exe
[2013.11.30 14:36:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.11.29 12:03:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.11.28 17:19:43 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Blizzard
[2013.11.28 17:18:36 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Blizzard Entertainment
[2013.11.28 17:18:25 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Battle.net
[2013.11.28 13:19:55 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\airline
[2013.11.28 12:51:24 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fishtank Interactive
[2013.11.28 12:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fishtank Interactive
[2013.11.28 09:38:41 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\{4E66AA49-608F-4BEF-95EA-0D6266BA160B}
[2013.11.27 19:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.11.26 20:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLC Quest
[2013.11.26 20:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Going Loud Studios
[2013.11.24 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\CrashDumps
[2013.11.24 10:38:21 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Adobe
[2013.11.23 12:32:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.23 12:21:39 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\ATI
[2013.11.23 12:20:51 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Apps
[2013.11.23 08:22:28 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\AVAST Software
[2013.11.22 11:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013.11.21 21:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Railroad Tycoon 3
[2013.11.21 21:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Railroad Tycoon 3
[2013.11.21 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\LDW
[2013.11.21 21:13:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BigFish
[2013.11.21 21:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema Tycoon 2 Movie Mania
[2013.11.21 21:08:56 | 000,000,000 | ---D | C] -- C:\Windows\Cinema Tycoon 2 Movie Mania
[2013.11.21 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema Tycoon 2 Movie Mania
[2013.11.21 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\Mobogenie
[2013.11.21 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Mobogenie
[2013.11.21 21:05:18 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
[2013.11.21 21:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013.11.21 20:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lemonade Tycoon 2
[2013.11.19 20:23:02 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\Beast Boxing Turbo
[2013.11.16 16:59:11 | 000,000,000 | ---D | C] -- C:\PROGRAM1
[2013.11.16 15:42:36 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\My Games
[2013.11.16 15:11:56 | 000,000,000 | ---D | C] -- C:\Civilization V
[2013.11.15 18:13:14 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GetPrivate
[2013.11.15 18:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetPrivate
[2013.11.13 20:26:34 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.11.13 20:26:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.11.13 20:26:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.11.13 20:26:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.11.13 20:26:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.11.13 20:26:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.11.13 20:26:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.11.13 20:26:31 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.11.13 20:26:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.11.13 20:26:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.11.13 20:26:30 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.11.13 20:26:27 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.11.13 20:26:26 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.11.13 20:26:26 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.11.13 20:26:25 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.11.13 19:55:52 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.11.13 19:55:29 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.11.13 19:55:27 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.11.13 19:55:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013.11.13 19:55:26 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013.11.13 19:55:25 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013.11.13 19:55:16 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.11.13 19:55:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.11.13 19:55:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.11.13 19:55:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.11.13 19:55:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.11.13 19:55:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.11.13 19:54:56 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.11.13 19:54:55 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.11.13 19:54:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.11.13 19:54:54 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.11.13 17:35:33 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\theHunter
[2013.11.13 17:35:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\theHunter
[2013.11.13 17:35:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\theHunter
[2013.11.13 16:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.11.13 16:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.11.13 15:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter
[2013.11.13 15:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\theHunter
[2013.11.13 15:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\theHunter
[2013.11.13 13:42:11 | 000,000,000 | ---D | C] -- C:\King Arthurs Gold BETA 825
[2013.11.13 13:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2013.11.11 20:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artemis
[2013.11.11 20:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Artemis
[2013.11.11 12:34:10 | 000,000,000 | ---D | C] -- C:\Users\makro\Zomboid
[2013.11.11 11:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Giant
[2013.11.11 11:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Farming Giant

[Wellar]

[2013.11.09 10:49:32 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\deskop dungeon
[2013.11.07 16:18:53 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\Pokemon FTW
[2013.11.04 19:02:04 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\SpacebaseDF9
[2013.11.04 16:39:40 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\RedDotGames
[2013.11.04 16:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play
[2013.11.04 16:31:13 | 003,690,496 | ---- | C] (Truevision3D LLC) -- C:\Windows\SysWow64\tv3d65.dll
[2013.11.04 16:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Play
[2013.11.02 11:36:50 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cannons Lasers Rockets
[2013.11.02 10:36:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Desura
[2013.11.02 10:34:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Desura
[2013.11.02 10:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
[2013.11.02 10:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desura
[2013.11.01 19:19:35 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\Nová složka (2)
[2013.11.01 15:35:31 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\Nová složka
[2013.11.01 15:35:03 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\train
[2013.11.01 13:34:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cracked Steam
[2013.11.01 12:47:48 | 000,000,000 | ---D | C] -- C:\Users\makro\Desktop\pacifik
[2013.11.01 11:54:19 | 000,000,000 | ---D | C] -- C:\Post Apocalyptic Mayhem

========== Files - Modified Within 30 Days ==========

[2013.12.01 11:18:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\makro\Desktop\OTL.exe
[2013.12.01 11:17:21 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Users\makro\Desktop\OTC (1).exe
[2013.12.01 11:12:04 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.12.01 11:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.01 08:50:00 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.01 08:50:00 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.01 08:40:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.29 13:39:14 | 000,000,512 | ---- | M] () -- C:\Users\makro\Desktop\MBR.dat
[2013.11.29 12:06:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.11.28 12:51:24 | 000,003,147 | ---- | M] () -- C:\Users\makro\Desktop\Car Tycoon.lnk
[2013.11.27 19:18:24 | 174,969,888 | ---- | M] () -- C:\Users\makro\Desktop\Kaspersky-Virus-Removal-Tool_11.0.0.1245_[07.07.2013].exe
[2013.11.27 17:45:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormakro.job
[2013.11.26 20:37:43 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\DLC Quest.lnk
[2013.11.23 19:15:10 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.11.23 16:06:30 | 004,161,024 | ---- | M] () -- C:\Users\makro\Desktop\RogueKillerX64 (2).exe
[2013.11.23 15:43:06 | 000,001,398 | ---- | M] () -- C:\Users\makro\Desktop\Google Chrome.lnk
[2013.11.23 12:15:55 | 000,000,218 | ---- | M] () -- C:\Users\makro\AppData\Local\recently-used.xbel
[2013.11.22 11:46:39 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.11.22 11:45:42 | 000,205,320 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.11.22 11:45:42 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.11.22 11:45:42 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.11.22 11:45:41 | 001,032,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.11.22 11:45:41 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.11.22 11:45:41 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.11.22 11:45:41 | 000,084,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.11.22 11:45:41 | 000,038,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.11.22 11:45:40 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.11.22 11:45:33 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.11.22 11:39:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.11.21 21:37:42 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Railroad Tycoon 3.lnk
[2013.11.21 21:09:22 | 000,002,136 | ---- | M] () -- C:\Users\Public\Desktop\Cinema Tycoon 2 Movie Mania.lnk
[2013.11.21 21:05:20 | 000,000,985 | ---- | M] () -- C:\Users\makro\Desktop\Mobogenie.lnk
[2013.11.19 20:23:14 | 000,000,801 | ---- | M] () -- C:\Users\makro\Desktop\Beast Boxing Turbo.lnk
[2013.11.17 07:29:28 | 000,104,438 | ---- | M] () -- C:\Users\makro\Desktop\Bez názvu-1.psd
[2013.11.17 07:28:14 | 000,009,559 | ---- | M] () -- C:\Users\makro\Desktop\griefer sas.png
[2013.11.17 07:28:14 | 000,000,132 | ---- | M] () -- C:\Users\makro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2013.11.17 07:26:58 | 000,011,651 | ---- | M] () -- C:\Users\makro\Desktop\sadasdasdasd.png
[2013.11.16 21:10:21 | 000,010,289 | ---- | M] () -- C:\Users\makro\Desktop\test mc griefer.png
[2013.11.16 21:00:34 | 000,006,337 | ---- | M] () -- C:\Users\makro\Desktop\images (1).jpg
[2013.11.16 20:55:02 | 000,002,304 | ---- | M] () -- C:\Users\makro\Desktop\hlavni_admin.png
[2013.11.16 15:40:26 | 000,001,502 | ---- | M] () -- C:\Users\makro\Desktop\Civilizace V.lnk
[2013.11.13 16:38:30 | 000,000,039 | ---- | M] () -- C:\Users\makro\AppData\Roaming\TheHunterSettings_live.cfg
[2013.11.13 16:34:17 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013.11.13 15:48:04 | 000,000,132 | ---- | M] () -- C:\Users\Public\Desktop\theHunter.url
[2013.11.13 13:42:24 | 000,000,703 | ---- | M] () -- C:\Users\makro\Desktop\King Arthurs Gold BETA 825.lnk
[2013.11.13 13:37:56 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2013.11.11 20:07:01 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Play Artemis.lnk
[2013.11.11 13:23:16 | 000,001,622 | ---- | M] () -- C:\Users\makro\Desktop\Trainz.lnk
[2013.11.11 12:30:33 | 000,001,771 | ---- | M] () -- C:\Users\makro\Desktop\Project Zomboid RC 2.9.8b.lnk
[2013.11.11 11:33:51 | 000,001,924 | ---- | M] () -- C:\Users\makro\Desktop\Farming Giant.lnk
[2013.11.10 16:51:38 | 000,009,338 | ---- | M] () -- C:\Users\makro\Desktop\stažený soubor.jpg
[2013.11.10 16:11:39 | 000,040,543 | ---- | M] () -- C:\Users\makro\Desktop\skull3-240x400.jpg
[2013.11.05 19:04:26 | 000,014,344 | ---- | M] () -- C:\Users\makro\Desktop\1422337_679808185363299_230697820_n.jpg
[2013.11.05 18:38:28 | 000,567,054 | ---- | M] () -- C:\Users\makro\Desktop\chrome 2013-11-04 20-42-02-20.bmp
[2013.11.03 13:14:23 | 000,036,273 | ---- | M] () -- C:\Users\makro\Desktop\1453338_645683532143033_652435797_n.jpg
[2013.11.02 13:37:31 | 000,043,821 | ---- | M] () -- C:\Users\makro\Desktop\The mighty jax.png
[2013.11.02 13:35:07 | 000,044,498 | ---- | M] () -- C:\Users\makro\Desktop\wellar2.png
[2013.11.02 13:35:06 | 000,044,834 | ---- | M] () -- C:\Users\makro\Desktop\wellar3.png
[2013.11.02 13:35:06 | 000,044,296 | ---- | M] () -- C:\Users\makro\Desktop\wellar4.png
[2013.11.02 13:27:56 | 000,043,781 | ---- | M] () -- C:\Users\makro\Desktop\wellar.png
[2013.11.02 13:24:09 | 000,644,564 | ---- | M] () -- C:\Users\makro\Desktop\zzzac.png
[2013.11.02 11:36:50 | 000,000,812 | ---- | M] () -- C:\Users\makro\Desktop\Cannons Lasers Rockets.lnk
[2013.11.02 10:34:16 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\Desura.lnk
[2013.11.01 17:21:01 | 002,029,562 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.11.01 17:21:01 | 001,144,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.01 17:21:01 | 000,616,314 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.11.01 17:21:01 | 000,582,260 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.01 17:21:01 | 000,006,476 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2013.11.29 13:39:14 | 000,000,512 | ---- | C] () -- C:\Users\makro\Desktop\MBR.dat
[2013.11.28 12:51:24 | 000,003,147 | ---- | C] () -- C:\Users\makro\Desktop\Car Tycoon.lnk
[2013.11.27 19:18:36 | 174,969,888 | ---- | C] () -- C:\Users\makro\Desktop\Kaspersky-Virus-Removal-Tool_11.0.0.1245_[07.07.2013].exe
[2013.11.26 20:37:43 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\DLC Quest.lnk
[2013.11.23 16:06:39 | 004,161,024 | ---- | C] () -- C:\Users\makro\Desktop\RogueKillerX64 (2).exe
[2013.11.23 12:15:55 | 000,000,218 | ---- | C] () -- C:\Users\makro\AppData\Local\recently-used.xbel
[2013.11.21 21:37:42 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\Railroad Tycoon 3.lnk
[2013.11.21 21:09:22 | 000,002,136 | ---- | C] () -- C:\Users\Public\Desktop\Cinema Tycoon 2 Movie Mania.lnk
[2013.11.21 21:05:20 | 000,000,985 | ---- | C] () -- C:\Users\makro\Desktop\Mobogenie.lnk
[2013.11.19 20:22:30 | 000,000,801 | ---- | C] () -- C:\Users\makro\Desktop\Beast Boxing Turbo.lnk
[2013.11.17 07:28:13 | 000,009,559 | ---- | C] () -- C:\Users\makro\Desktop\griefer sas.png
[2013.11.17 07:26:57 | 000,011,651 | ---- | C] () -- C:\Users\makro\Desktop\sadasdasdasd.png
[2013.11.16 21:11:46 | 000,104,438 | ---- | C] () -- C:\Users\makro\Desktop\Bez názvu-1.psd
[2013.11.16 21:10:18 | 000,010,289 | ---- | C] () -- C:\Users\makro\Desktop\test mc griefer.png
[2013.11.16 21:00:33 | 000,006,337 | ---- | C] () -- C:\Users\makro\Desktop\images (1).jpg
[2013.11.16 20:55:01 | 000,002,304 | ---- | C] () -- C:\Users\makro\Desktop\hlavni_admin.png
[2013.11.16 15:40:26 | 000,001,502 | ---- | C] () -- C:\Users\makro\Desktop\Civilizace V.lnk
[2013.11.13 16:38:30 | 000,000,039 | ---- | C] () -- C:\Users\makro\AppData\Roaming\TheHunterSettings_live.cfg
[2013.11.13 15:48:04 | 000,000,132 | ---- | C] () -- C:\Users\Public\Desktop\theHunter.url
[2013.11.13 13:42:24 | 000,000,703 | ---- | C] () -- C:\Users\makro\Desktop\King Arthurs Gold BETA 825.lnk
[2013.11.11 20:07:01 | 000,000,957 | ---- | C] () -- C:\Users\Public\Desktop\Play Artemis.lnk
[2013.11.11 13:22:58 | 000,001,622 | ---- | C] () -- C:\Users\makro\Desktop\Trainz.lnk
[2013.11.11 12:30:33 | 000,001,771 | ---- | C] () -- C:\Users\makro\Desktop\Project Zomboid RC 2.9.8b.lnk
[2013.11.11 11:33:51 | 000,001,924 | ---- | C] () -- C:\Users\makro\Desktop\Farming Giant.lnk
[2013.11.10 21:28:57 | 000,055,043 | ---- | C] () -- C:\Users\makro\Desktop\fruitsquash.jar
[2013.11.10 21:26:29 | 000,251,819 | ---- | C] () -- C:\Users\makro\Desktop\DGenius.jar
[2013.11.10 16:51:40 | 000,009,338 | ---- | C] () -- C:\Users\makro\Desktop\stažený soubor.jpg
[2013.11.10 16:11:38 | 000,040,543 | ---- | C] () -- C:\Users\makro\Desktop\skull3-240x400.jpg
[2013.11.05 19:04:26 | 000,014,344 | ---- | C] () -- C:\Users\makro\Desktop\1422337_679808185363299_230697820_n.jpg
[2013.11.05 18:38:26 | 000,567,054 | ---- | C] () -- C:\Users\makro\Desktop\chrome 2013-11-04 20-42-02-20.bmp
[2013.11.03 13:14:15 | 000,036,273 | ---- | C] () -- C:\Users\makro\Desktop\1453338_645683532143033_652435797_n.jpg
[2013.11.02 13:37:29 | 000,043,821 | ---- | C] () -- C:\Users\makro\Desktop\The mighty jax.png
[2013.11.02 13:35:04 | 000,044,834 | ---- | C] () -- C:\Users\makro\Desktop\wellar3.png
[2013.11.02 13:35:04 | 000,044,498 | ---- | C] () -- C:\Users\makro\Desktop\wellar2.png
[2013.11.02 13:35:04 | 000,044,296 | ---- | C] () -- C:\Users\makro\Desktop\wellar4.png
[2013.11.02 13:27:54 | 000,043,781 | ---- | C] () -- C:\Users\makro\Desktop\wellar.png
[2013.11.02 13:24:03 | 000,644,564 | ---- | C] () -- C:\Users\makro\Desktop\zzzac.png
[2013.11.02 11:36:50 | 000,000,812 | ---- | C] () -- C:\Users\makro\Desktop\Cannons Lasers Rockets.lnk
[2013.11.02 10:34:16 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\Desura.lnk
[2013.09.03 15:09:44 | 000,000,090 | ---- | C] () -- C:\Users\makro\mm.cfg
[2013.07.27 15:29:14 | 000,062,818 | ---- | C] () -- C:\Users\makro\asdasdasdasdad.jpg
[2013.05.04 14:04:57 | 000,005,120 | ---- | C] () -- C:\Users\makro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 18:51:44 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.03.17 17:09:09 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2013.03.04 16:27:08 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.11.21 11:28:00 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.11.05 15:25:41 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.10.22 12:50:27 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.10.02 13:41:12 | 000,282,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.10.02 13:41:10 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe
[2012.10.02 13:41:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.23 08:59:34 | 000,017,852 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012.08.01 13:37:03 | 000,161,882 | ---- | C] () -- C:\Users\makro\gta_sa 2012-08-01 14-37-03-30.jpg
[2012.07.04 15:43:53 | 000,000,981 | ---- | C] () -- C:\Users\makro\CCleaner.lnk
[2012.07.04 13:59:34 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.06.23 14:57:52 | 000,202,965 | ---- | C] () -- C:\Users\makro\gta_sa 2012-06-23 15-57-07-21_out.jpg
[2012.06.12 13:05:41 | 003,195,158 | ---- | C] () -- C:\Users\makro\League_Of_Legends.png
[2012.05.30 18:50:06 | 000,285,575 | ---- | C] () -- C:\Users\makro\League-of-Legends-league-of-legends-29306738-1024-768.jpg
[2012.05.15 18:27:25 | 000,050,687 | ---- | C] () -- C:\Users\makro\522373_309948675748296_100001994986065_718351_118749266_n.jpg
[2012.04.25 10:09:36 | 001,261,056 | R--- | C] () -- C:\Windows\setup_rangers.exe
[2012.03.16 16:25:54 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.03.11 22:37:07 | 000,006,458 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.22 11:48:54 | 000,001,905 | ---- | C] () -- C:\Users\makro\README.HTM
[2011.06.09 18:18:31 | 000,024,209 | ---- | C] () -- C:\Users\makro\AppData\Roaming\UserTile.png
[2011.06.04 08:48:14 | 000,007,597 | ---- | C] () -- C:\Users\makro\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.12.15 11:25:47 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.12.15 11:25:47 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.12.15 11:25:47 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.24 14:25:17 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.ceskejparan
[2013.11.24 15:35:13 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.minecraft
[2013.06.15 15:42:21 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.mono
[2013.06.26 11:24:16 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.StarMade
[2013.05.06 13:58:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.technic
[2013.05.06 14:00:25 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.techniclauncher
[2013.05.22 17:31:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\11bitstudios
[2013.08.15 12:22:18 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\3909
[2013.05.02 20:19:08 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\3909 LLC
[2012.05.10 11:29:01 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AnvSoft
[2012.11.26 14:42:16 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AtomZombieData
[2013.09.19 07:23:46 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Audacity
[2013.11.23 08:22:28 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVAST Software
[2013.10.24 12:16:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVG
[2012.09.17 18:19:18 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVG2013
[2013.08.22 12:47:15 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Awesomium
[2013.09.10 19:21:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\backbeat
[2013.10.24 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Battle.net
[2013.12.01 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\BitTorrent
[2012.11.12 18:41:45 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Blue Cat Audio
[2012.11.09 20:30:03 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Carbon
[2012.11.06 17:48:53 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.06.30 17:28:56 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\com.shirogames.evoland
[2012.02.19 20:11:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\com.w3i.FlipToast
[2013.10.14 20:11:50 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Crazy Viking Studios
[2013.12.01 11:15:07 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DAEMON Tools Lite
[2012.09.04 11:54:56 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DAEMON Tools Pro
[2013.09.28 12:46:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DownLite
[2013.07.14 20:36:07 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Enterbrain
[2012.07.05 10:57:33 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\ESET
[2013.08.04 07:46:45 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Factorio
[2013.03.02 16:15:09 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\fizzy
[2011.05.26 13:31:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\flightgear.org
[2011.05.26 13:31:57 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\fltk.org
[2012.03.02 23:23:50 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\funkitron
[2011.02.14 21:36:36 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\GHISLER
[2013.02.12 11:52:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Hive Cluster
[2013.07.19 11:03:54 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\ICQ
[2012.12.10 07:27:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\IObit
[2013.04.06 12:31:02 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\JAM Software
[2013.03.18 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Little Inferno
[2011.07.19 11:18:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\LolClient
[2012.05.24 10:28:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\LolClient2
[2013.06.18 09:44:29 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Lonely Troops
[2013.10.30 18:38:34 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\MAXON
[2013.10.31 17:19:46 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Milestone
[2013.01.18 19:21:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Mount&Blade Warband
[2012.09.12 18:21:30 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Mount&Blade With Fire and Sword
[2013.04.01 10:44:51 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Natural Selection 2
[2012.08.20 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Need for Speed World
[2013.09.07 19:51:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Origin
[2013.03.15 15:07:20 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Play withSIX
[2013.08.20 13:20:13 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Pro Cycling Manager 2013
[2012.01.23 13:47:52 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Publish Providers
[2011.06.24 12:32:03 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\PunkBuster
[2013.08.23 09:13:33 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Python-Eggs
[2013.11.04 16:39:40 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\RedDotGames
[2013.08.28 12:18:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\rigonauts
[2013.10.30 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Rogue Legacy
[2013.01.08 21:23:37 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SoftGrid Client
[2012.06.01 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SolarFlare
[2013.09.10 19:50:48 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SolForge
[2013.06.23 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Solveig Multimedia
[2013.12.01 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sony
[2012.01.23 18:24:35 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sony Creative Software Inc
[2013.10.24 14:06:11 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SpaceEngineers
[2012.10.03 13:43:55 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.07.14 20:05:15 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\StarDrive
[2013.05.27 17:31:39 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sword of the Stars - The Pit
[2013.10.26 12:49:29 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TeamViewer
[2013.11.13 17:35:26 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\theHunter
[2011.07.28 15:55:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Tific
[2012.03.11 22:39:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TP
[2013.03.31 19:37:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Trine2
[2013.12.01 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TS3Client
[2012.09.17 18:17:24 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TuneUp Software
[2013.11.13 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Tunngle
[2012.04.01 08:07:27 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\twinstar_launcher
[2013.06.23 18:41:32 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Ubisoft
[2012.02.27 17:21:57 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Unity
[2013.12.01 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\uTorrent
[2011.02.28 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Vodafone
[2012.08.01 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\wargaming.net
[2011.05.11 14:14:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\WildTangent
[2011.05.13 18:19:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\WildTangentv1002
[2012.05.11 22:12:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Windows Live Writer
[2013.12.01 08:42:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Wise Care 365
[2013.05.23 09:04:15 | 000,000,000 | -HSD | M] -- C:\Users\makro\AppData\Roaming\wyUpdate AU
[2011.06.18 19:14:40 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Zoner
[2011.07.23 06:50:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

[jaro3]

Drive C: | 449,12 Gb Total Space | 8,95 Gb Free Space | 1,99% Space Free | Partition Type: NTFS

To nemyslíš vážně s tím volným místem. Windows potřebuje pro svou činnost alespoň 15% volného místa..Něco odinstaluj , smaž. Uvolni místo.

12:43:14.028 File: C:\Users\makro\Desktop\DRMLESS\emulator\Stop.exe **INFECTED** Win32:Malware-gen
13:02:41.068 File: C:\Users\makro\Downloads\DRMLESS\emulator\Stop.exe **INFECTED** Win32:Malware-gen
13:08:12.394 File: C:\Users\makro\Downloads\TS2013\Steam\steamapps\common\railworks\BlueprintEditor.exe **INFECTED** Win32:Evo-gen [Susp]

Znáš to? Smaž to.

Po uvolnění na disku dej nový log z HJT.

[Wellar]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:34:57, on 4.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\program files (x86)\common files\installshield\updateservice\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GetPrivate] C:\Program Files (x86)\GetPrivate\GetPrivate.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\1242ee6e-df61-4840-9e2d-5540cd5a94ae.exe /check
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [LightScribe Control Panel] c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe -hidden
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10438 bytes

[jaro3]

Smazal si ty malwary?

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com


Udělej znovu OTL , po uvolnění místa na disku.

[Wellar]

Malwary jsem smazal, fixnul jsem HJT, ale co OTL? Mám tam dát vyčistit nebo co?

[jaro3]

Uvolnil si místo na disku?

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Wellar]

Už tam mám volno přes 50%
Jinak mi to vyplitvlo jen 1 log
OTL logfile created on: 7.12.2013 20:41:53 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\makro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,62% Memory free
7,49 Gb Paging File | 5,84 Gb Available in Paging File | 78,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,12 Gb Total Space | 179,14 Gb Free Space | 39,89% Space Free | Partition Type: NTFS
Drive D: | 16,34 Gb Total Space | 2,32 Gb Free Space | 14,19% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: makro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\makro\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WiseBootAssistant) -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe (WiseCleaner.com)
SRV - (AdvancedSystemCareService6) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{EF1D2894-1012-415E-A5BB-9DFCCA32B0A3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {537ED7E4-FFE8-4629-AA56-CA9887DF8B93}
IE - HKCU\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\makro\AppData\Local\Roblox\Versions\version-394f11f19cd64b1a\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\makro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.11.22 11:45:50 | 000,000,000 | ---D | M]

[2013.05.07 14:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.14 12:06:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\makro\AppData\Local\Roblox\Versions\version-8484f0d4199b4d0f\\NPRobloxProxy.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Skype Click to Call = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Battlefield Play4Free = C:\Users\makro\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\

O1 HOSTS File: ([2013.11.29 12:06:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe ()
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\1242ee6e-df61-4840-9e2d-5540cd5a94ae.exe (AVAST Software)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISUSScheduler] c:\program files (x86)\common files\installshield\updateservice\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [LightScribe Control Panel] c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe (Hewlett-Packard Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F12B883-BFD1-4712-8399-3C2D49E10AB7}: DhcpNameServer = 7.254.254.254

[Wellar]

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB0D2EB-FEA1-47E9-A61E-6885D81B24BA}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2DC8F44-637A-4BFE-A49B-B5FCB82B45C3}: DhcpNameServer = 217.77.165.81 217.77.161.131
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.12.06 18:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.12.06 14:11:34 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\Clickteam
[2013.12.06 14:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedia Fusion Developer 2
[2013.12.06 14:05:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multimedia Fusion Developer 2
[2013.12.04 20:04:23 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\Pokemon-Online Logs
[2013.12.04 18:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2013.12.04 07:17:22 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013.12.04 07:17:21 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013.12.04 07:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.12.04 07:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.12.01 11:18:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\makro\Desktop\OTL.exe
[2013.11.30 14:36:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.11.29 12:03:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.11.28 17:19:43 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Blizzard
[2013.11.28 17:18:36 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Blizzard Entertainment
[2013.11.28 17:18:25 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Battle.net
[2013.11.28 09:38:41 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\{4E66AA49-608F-4BEF-95EA-0D6266BA160B}
[2013.11.27 19:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.11.24 14:44:13 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\CrashDumps
[2013.11.24 10:38:21 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Adobe
[2013.11.23 12:32:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.23 12:21:39 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\ATI
[2013.11.23 12:20:51 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Apps
[2013.11.23 08:22:28 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\AVAST Software
[2013.11.22 11:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013.11.21 21:25:20 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\LDW
[2013.11.21 21:13:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BigFish
[2013.11.21 21:08:56 | 000,000,000 | ---D | C] -- C:\Windows\Cinema Tycoon 2 Movie Mania
[2013.11.21 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\Mobogenie
[2013.11.21 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\Mobogenie
[2013.11.21 21:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013.11.16 16:59:11 | 000,000,000 | ---D | C] -- C:\PROGRAM1
[2013.11.16 15:42:36 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\My Games
[2013.11.13 20:26:34 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.11.13 20:26:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.11.13 20:26:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.11.13 20:26:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.11.13 20:26:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.11.13 20:26:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.11.13 20:26:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.11.13 20:26:31 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.11.13 20:26:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.11.13 20:26:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.11.13 20:26:30 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.11.13 20:26:27 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.11.13 20:26:26 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.11.13 20:26:26 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.11.13 20:26:25 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.11.13 19:55:52 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.11.13 19:55:29 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.11.13 19:55:27 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.11.13 19:55:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013.11.13 19:55:26 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013.11.13 19:55:25 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013.11.13 19:55:16 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.11.13 19:55:08 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.11.13 19:55:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.11.13 19:55:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.11.13 19:55:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.11.13 19:55:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.11.13 19:54:56 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.11.13 19:54:55 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.11.13 19:54:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.11.13 19:54:54 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.11.13 17:35:33 | 000,000,000 | ---D | C] -- C:\Users\makro\Documents\theHunter
[2013.11.13 17:35:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Roaming\theHunter
[2013.11.13 17:35:26 | 000,000,000 | ---D | C] -- C:\Users\makro\AppData\Local\theHunter
[2013.11.13 15:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Hunter
[2013.11.13 13:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2013.11.09 10:49:32 | 000,000,000 | ---D | C] -- C:\Users\makro\deskop dungeon

========== Files - Modified Within 30 Days ==========

[2013.12.07 20:09:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.07 19:55:58 | 000,246,586 | ---- | M] () -- C:\Users\makro\league-of-legends-riven-1366x768.jpg
[2013.12.07 08:30:54 | 000,282,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.12.07 08:30:54 | 000,282,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.12.07 08:30:31 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.12.07 08:19:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.07 08:19:30 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.07 08:10:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.06 17:45:16 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormakro.job
[2013.12.06 14:07:39 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Multimedia Fusion Developer 2.lnk
[2013.12.01 18:35:54 | 004,890,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.01 11:18:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\makro\Desktop\OTL.exe
[2013.12.01 11:12:04 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.11.29 12:06:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.11.27 19:18:24 | 174,969,888 | ---- | M] () -- C:\Users\makro\Desktop\Kaspersky-Virus-Removal-Tool_11.0.0.1245_[07.07.2013].exe
[2013.11.23 16:06:30 | 004,161,024 | ---- | M] () -- C:\Users\makro\Desktop\RogueKillerX64 (2).exe
[2013.11.23 12:15:55 | 000,000,218 | ---- | M] () -- C:\Users\makro\AppData\Local\recently-used.xbel
[2013.11.22 11:45:42 | 000,205,320 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.11.22 11:45:42 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.11.22 11:45:42 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.11.22 11:45:41 | 001,032,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.11.22 11:45:41 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.11.22 11:45:41 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.11.22 11:45:41 | 000,084,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.11.22 11:45:41 | 000,038,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.11.22 11:45:40 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.11.22 11:45:33 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.11.22 11:39:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.11.17 07:28:14 | 000,000,132 | ---- | M] () -- C:\Users\makro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2013.11.13 16:38:30 | 000,000,039 | ---- | M] () -- C:\Users\makro\AppData\Roaming\TheHunterSettings_live.cfg
[2013.11.13 13:37:56 | 000,000,957 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk

========== Files Created - No Company Name ==========

[2013.12.07 19:55:58 | 000,246,586 | ---- | C] () -- C:\Users\makro\league-of-legends-riven-1366x768.jpg
[2013.12.06 14:06:36 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Multimedia Fusion Developer 2.lnk
[2013.12.01 18:35:32 | 004,890,832 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.11.27 19:18:36 | 174,969,888 | ---- | C] () -- C:\Users\makro\Desktop\Kaspersky-Virus-Removal-Tool_11.0.0.1245_[07.07.2013].exe
[2013.11.23 16:06:39 | 004,161,024 | ---- | C] () -- C:\Users\makro\Desktop\RogueKillerX64 (2).exe
[2013.11.23 12:15:55 | 000,000,218 | ---- | C] () -- C:\Users\makro\AppData\Local\recently-used.xbel
[2013.11.13 16:38:30 | 000,000,039 | ---- | C] () -- C:\Users\makro\AppData\Roaming\TheHunterSettings_live.cfg
[2013.11.02 13:35:04 | 000,044,498 | ---- | C] () -- C:\Users\makro\wellar2.png
[2013.11.02 13:35:04 | 000,044,296 | ---- | C] () -- C:\Users\makro\wellar4.png
[2013.11.02 13:27:54 | 000,043,781 | ---- | C] () -- C:\Users\makro\wellar.png
[2013.09.03 15:09:44 | 000,000,090 | ---- | C] () -- C:\Users\makro\mm.cfg
[2013.08.26 18:47:29 | 000,001,350 | ---- | C] () -- C:\Users\makro\ROBLOX Player.lnk
[2013.07.27 15:29:14 | 000,062,818 | ---- | C] () -- C:\Users\makro\asdasdasdasdad.jpg
[2013.05.04 14:04:57 | 000,005,120 | ---- | C] () -- C:\Users\makro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 18:51:44 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.03.17 17:09:09 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2013.03.04 16:27:08 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012.11.21 11:28:00 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.11.05 15:25:41 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.10.22 12:50:27 | 000,000,132 | ---- | C] () -- C:\Users\makro\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.10.02 13:41:12 | 000,282,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.10.02 13:41:10 | 002,484,592 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_p4f.exe
[2012.10.02 13:41:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.23 08:59:34 | 000,017,852 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012.08.01 13:37:03 | 000,161,882 | ---- | C] () -- C:\Users\makro\gta_sa 2012-08-01 14-37-03-30.jpg
[2012.07.04 15:43:53 | 000,000,981 | ---- | C] () -- C:\Users\makro\CCleaner.lnk
[2012.07.04 13:59:34 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.06.23 14:57:52 | 000,202,965 | ---- | C] () -- C:\Users\makro\gta_sa 2012-06-23 15-57-07-21_out.jpg
[2012.06.12 13:05:41 | 003,195,158 | ---- | C] () -- C:\Users\makro\League_Of_Legends.png
[2012.05.30 18:50:06 | 000,285,575 | ---- | C] () -- C:\Users\makro\League-of-Legends-league-of-legends-29306738-1024-768.jpg
[2012.05.15 18:27:25 | 000,050,687 | ---- | C] () -- C:\Users\makro\522373_309948675748296_100001994986065_718351_118749266_n.jpg
[2012.04.25 10:09:36 | 001,261,056 | R--- | C] () -- C:\Windows\setup_rangers.exe
[2012.03.16 16:25:54 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.03.11 22:37:07 | 000,006,458 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.22 11:48:54 | 000,001,905 | ---- | C] () -- C:\Users\makro\README.HTM
[2011.06.09 18:18:31 | 000,024,209 | ---- | C] () -- C:\Users\makro\AppData\Roaming\UserTile.png
[2011.06.04 08:48:14 | 000,007,597 | ---- | C] () -- C:\Users\makro\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.12.15 11:25:47 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.12.15 11:25:47 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.12.15 11:25:47 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.24 14:25:17 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.ceskejparan
[2013.11.24 15:35:13 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.minecraft
[2013.06.15 15:42:21 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.mono
[2013.06.26 11:24:16 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.StarMade
[2013.05.06 13:58:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.technic
[2013.05.06 14:00:25 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\.techniclauncher
[2013.05.22 17:31:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\11bitstudios
[2013.08.15 12:22:18 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\3909
[2013.05.02 20:19:08 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\3909 LLC
[2012.05.10 11:29:01 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AnvSoft
[2012.11.26 14:42:16 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AtomZombieData
[2013.09.19 07:23:46 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Audacity
[2013.11.23 08:22:28 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVAST Software
[2013.10.24 12:16:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVG
[2012.09.17 18:19:18 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\AVG2013
[2013.08.22 12:47:15 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Awesomium
[2013.09.10 19:21:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\backbeat
[2013.10.24 14:06:30 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Battle.net
[2013.12.07 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\BitTorrent
[2012.11.12 18:41:45 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Blue Cat Audio
[2012.11.09 20:30:03 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Carbon
[2012.11.06 17:48:53 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.12.06 14:11:34 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Clickteam
[2013.06.30 17:28:56 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\com.shirogames.evoland
[2012.02.19 20:11:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\com.w3i.FlipToast
[2013.10.14 20:11:50 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Crazy Viking Studios
[2013.12.01 11:15:07 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DAEMON Tools Lite
[2012.09.04 11:54:56 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DAEMON Tools Pro
[2013.09.28 12:46:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\DownLite
[2013.07.14 20:36:07 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Enterbrain
[2012.07.05 10:57:33 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\ESET
[2013.08.04 07:46:45 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Factorio
[2013.03.02 16:15:09 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\fizzy
[2011.05.26 13:31:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\flightgear.org
[2011.05.26 13:31:57 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\fltk.org
[2012.03.02 23:23:50 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\funkitron
[2011.02.14 21:36:36 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\GHISLER
[2013.02.12 11:52:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Hive Cluster
[2013.07.19 11:03:54 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\ICQ
[2012.12.10 07:27:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\IObit
[2013.04.06 12:31:02 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\JAM Software
[2013.03.18 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Little Inferno
[2011.07.19 11:18:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\LolClient
[2012.05.24 10:28:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\LolClient2
[2013.06.18 09:44:29 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Lonely Troops
[2013.10.30 18:38:34 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\MAXON
[2013.10.31 17:19:46 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Milestone
[2013.01.18 19:21:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Mount&Blade Warband
[2012.09.12 18:21:30 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Mount&Blade With Fire and Sword
[2013.04.01 10:44:51 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Natural Selection 2
[2012.08.20 17:07:06 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Need for Speed World
[2013.09.07 19:51:00 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Origin
[2013.03.15 15:07:20 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Play withSIX
[2013.08.20 13:20:13 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Pro Cycling Manager 2013
[2012.01.23 13:47:52 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Publish Providers
[2011.06.24 12:32:03 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\PunkBuster
[2013.08.23 09:13:33 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Python-Eggs
[2013.11.04 16:39:40 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\RedDotGames
[2013.08.28 12:18:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\rigonauts
[2013.10.30 12:20:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Rogue Legacy
[2013.01.08 21:23:37 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SoftGrid Client
[2012.06.01 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SolarFlare
[2013.09.10 19:50:48 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SolForge
[2013.06.23 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Solveig Multimedia
[2013.12.01 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sony
[2012.01.23 18:24:35 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sony Creative Software Inc
[2013.10.24 14:06:11 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\SpaceEngineers
[2012.10.03 13:43:55 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.07.14 20:05:15 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\StarDrive
[2013.05.27 17:31:39 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Sword of the Stars - The Pit
[2013.10.26 12:49:29 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TeamViewer
[2013.11.13 17:35:26 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\theHunter
[2011.07.28 15:55:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Tific
[2012.03.11 22:39:19 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TP
[2013.03.31 19:37:47 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Trine2
[2013.12.01 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TS3Client
[2012.09.17 18:17:24 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\TuneUp Software
[2013.11.13 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Tunngle
[2012.04.01 08:07:27 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\twinstar_launcher
[2013.06.23 18:41:32 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Ubisoft
[2012.02.27 17:21:57 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Unity
[2013.12.01 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\uTorrent
[2011.02.28 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Vodafone
[2012.08.01 19:50:25 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\wargaming.net
[2011.05.11 14:14:05 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\WildTangent
[2011.05.13 18:19:44 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\WildTangentv1002
[2012.05.11 22:12:59 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Windows Live Writer
[2013.12.07 08:13:01 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Wise Care 365
[2013.05.23 09:04:15 | 000,000,000 | -HSD | M] -- C:\Users\makro\AppData\Roaming\wyUpdate AU
[2011.06.18 19:14:40 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\Zoner
[2011.07.23 06:50:10 | 000,000,000 | ---D | M] -- C:\Users\makro\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{EF1D2894-1012-415E-A5BB-9DFCCA32B0A3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes,DefaultScope = {537ED7E4-FFE8-4629-AA56-CA9887DF8B93}
IE - HKCU\..\SearchScopes\{537ED7E4-FFE8-4629-AA56-CA9887DF8B93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
[2013.05.07 14:50:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:CB0AACC9

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\makro\AppData\Roaming\AVG
C:\Windows\SysNative\drivers\epfw.sys
C:\Users\makro\AppData\Roaming\AVG2013
C:\Users\makro\AppData\Roaming\ESET

:Reg
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.