Brothersoft toolbar a search.conduit

[Marinne]

Dobrý večer,

pri inštalácií iného programu sa mi do prehliadača dostal Brothersoft toolbar. Po jeho odinštalovaní (klasicky cez Control Panel) mi zmizol z chromu, ale vo Firefoxe je naďalej. Chrome po spustení preskočí na stránku: http://search.conduit.com/?ctid=CT32057 ... hSource=48

Ďakujem za pomoc


RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivet at 2012-11-21 20:24:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (54%) free of 458 GB
Total RAM: 4006 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:36, on 21.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ivet.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3205709
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [googletalk] C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ivet\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Ivet\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Cisco JabberVideo] "C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe" /logon
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: WebEx Service Host for Support Center (atashost) - Cisco WebEx LLC - C:\windows\SysWOW64\atashost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17889 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\windows\SysWOW64\atashost.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files (x86)\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files (x86)\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Config"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
WLIDSvcM.exe 3044
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
"C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe" /logon
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\iPod\bin\iPodService.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7920.1aa64f20.736463735 "C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5}\plugins\np-mswmp.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 7920 "\\.\pipe\gecko-crash-server-pipe.7920" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7920.1184c790.1398809883 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 7920 "\\.\pipe\gecko-crash-server-pipe.7920" plugin
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/5/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --channel="2412.0.1240238048\1945513448" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2412.1.1498395910\220892674" --gpu-vendor-id=0x8086 --gpu-device-id=0x0126 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/InstantChannel/Stable/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/5/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_76/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --extension-process --renderer-print-preview --channel="2412.2.1021147124\1816988965" /prefetch:3
"C:\windows\system32\notepad.exe"
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ivet\Downloads\skola2\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
C:\windows\tasks\HPCeeScheduleForIvet.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default

prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT32057 ... CUI=SB_CUI"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=C:\windows\SysWOW64\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{62d40876-df18-411f-9d34-a9dd7a197bc5}

C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\searchplugins\
brothersoft-extreme3-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-03-10 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-05-14 329504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-05-14 59168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-03-17 13880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2012-02-08 200704]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16 499608]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-09 1128448]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 4035152]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-05-14 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-05-14 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-05-14 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"googletalk"=C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Google Update"=C:\Users\Ivet\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-17 136176]
"Facebook Update"=C:\Users\Ivet\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Cisco JabberVideo"=C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe [2012-02-15 5981144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\windows\SysWOW64\Macromed\Flash\FlashUtil11f_Plugin.exe [2012-02-16 250016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-03-10 12277760]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-01-17 112152]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
""= []
"HPQuickWebProxy"=c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-03-31 76344]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-19 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2012-10-04 1912832]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2012-01-13 527312]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
vpngui.exe.lnk - C:\windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

C:\Users\Ivet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-05-14 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\atashost]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-21 20:20:29 ----D---- C:\Program Files\trend micro
2012-11-21 20:20:28 ----D---- C:\rsit
2012-11-20 20:22:53 ----SHD---- C:\Config.Msi
2012-11-20 20:21:13 ----D---- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2012-11-17 03:13:45 ----A---- C:\windows\system32\Wdfres.dll
2012-11-17 03:13:45 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2012-11-17 03:13:45 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2012-11-17 03:07:09 ----A---- C:\windows\system32\mshtmled.dll
2012-11-17 03:07:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-11-17 03:07:08 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-11-17 03:07:07 ----A---- C:\windows\SYSWOW64\url.dll
2012-11-17 03:07:07 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-11-17 03:07:07 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-11-17 03:07:07 ----A---- C:\windows\system32\url.dll
2012-11-17 03:07:07 ----A---- C:\windows\system32\ieUnatt.exe
2012-11-17 03:07:07 ----A---- C:\windows\system32\ieui.dll
2012-11-17 03:07:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-11-17 03:07:06 ----A---- C:\windows\system32\urlmon.dll
2012-11-17 03:07:06 ----A---- C:\windows\system32\jscript9.dll
2012-11-17 03:07:05 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-11-17 03:07:05 ----A---- C:\windows\system32\msfeeds.dll
2012-11-17 03:07:04 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-11-17 03:07:04 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-11-17 03:07:04 ----A---- C:\windows\system32\wininet.dll
2012-11-17 03:07:04 ----A---- C:\windows\system32\jsproxy.dll
2012-11-17 03:07:03 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-11-17 03:07:03 ----A---- C:\windows\system32\vbscript.dll
2012-11-17 03:07:03 ----A---- C:\windows\system32\jscript.dll
2012-11-17 03:07:03 ----A---- C:\windows\system32\iertutil.dll
2012-11-17 03:07:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-11-17 03:07:02 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-11-17 03:06:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-11-17 03:06:58 ----A---- C:\windows\system32\mshtml.dll
2012-11-17 03:06:57 ----A---- C:\windows\system32\ieframe.dll
2012-11-17 03:06:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-11-17 03:03:37 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2012-11-17 03:03:37 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2012-11-17 03:03:36 ----A---- C:\windows\system32\WUDFSvc.dll
2012-11-17 03:03:35 ----A---- C:\windows\system32\WUDFPlatform.dll
2012-11-17 03:03:34 ----A---- C:\windows\system32\WUDFHost.exe
2012-11-17 03:03:34 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2012-11-17 03:03:33 ----A---- C:\windows\system32\WUDFx.dll
2012-11-16 19:39:28 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2012-11-16 19:39:28 ----A---- C:\windows\system32\dhcpcore6.dll
2012-11-16 19:39:27 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2012-11-16 19:39:27 ----A---- C:\windows\system32\dhcpcsvc6.dll
2012-11-16 19:39:25 ----A---- C:\windows\system32\win32k.sys
2012-11-16 19:39:23 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-11-16 19:39:22 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2012-11-16 19:39:22 ----A---- C:\windows\SYSWOW64\netevent.dll
2012-11-16 19:39:22 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2012-11-16 19:39:22 ----A---- C:\windows\SYSWOW64\ncsi.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\nlasvc.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\nlaapi.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\netevent.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\netcorehc.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\ncsi.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\iphlpsvc.dll
2012-11-16 19:39:22 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2012-11-16 19:39:01 ----A---- C:\windows\SYSWOW64\synceng.dll
2012-11-16 19:39:01 ----A---- C:\windows\system32\synceng.dll
2012-11-14 11:34:23 ----D---- C:\ProgramData\Cisco
2012-11-14 11:10:12 ----D---- C:\Program Files\Common Files\Deterministic Networks
2012-11-14 11:10:12 ----D---- C:\Program Files (x86)\Cisco Systems
2012-11-07 22:48:34 ----D---- C:\Program Files (x86)\Scratch
2012-10-25 09:52:06 ----A---- C:\windows\SYSWOW64\SQSRVRES.DLL
2012-10-23 23:59:41 ----A---- C:\windows\SYSWOW64\perf-MSSQL10_50.MSSQLSERVER-sqlagtctr.dll
2012-10-23 23:59:28 ----A---- C:\windows\SYSWOW64\perf-MSSQLSERVER-sqlctr10.50.1600.1.dll
2012-10-23 23:45:41 ----D---- C:\Program Files (x86)\Microsoft SDKs
2012-10-23 23:45:39 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-10-23 23:45:24 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2012-10-23 23:43:24 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-10-23 23:43:19 ----D---- C:\windows\SYSWOW64\1033
2012-10-23 23:43:19 ----D---- C:\windows\system32\1033
2012-10-23 22:40:52 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2012-10-23 22:13:52 ----D---- C:\Program Files\Microsoft SQL Server
2012-10-23 00:57:35 ----D---- C:\Users\Ivet\AppData\Roaming\e-academy Inc
2012-10-23 00:04:45 ----A---- C:\windows\system32\drivers\VBoxDrv.sys
2012-10-23 00:04:31 ----A---- C:\windows\system32\drivers\VBoxUSBMon.sys

======List of files/folders modified in the last 1 month======

2012-11-21 20:24:35 ----D---- C:\windows\Temp
2012-11-21 20:20:29 ----RD---- C:\Program Files
2012-11-21 20:16:42 ----D---- C:\windows\system32\config
2012-11-21 19:48:49 ----RD---- C:\Program Files (x86)
2012-11-21 19:38:22 ----D---- C:\windows\System32
2012-11-21 19:38:22 ----D---- C:\windows\inf
2012-11-21 19:38:22 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-11-21 19:35:48 ----D---- C:\Users\Ivet\AppData\Roaming\Dropbox
2012-11-21 19:35:17 ----A---- C:\windows\SYSWOW64\log.txt
2012-11-21 19:33:35 ----D---- C:\windows\Prefetch
2012-11-21 19:33:17 ----D---- C:\ProgramData\HPQLOG
2012-11-21 15:11:15 ----SHD---- C:\System Volume Information
2012-11-20 20:28:30 ----D---- C:\windows\Tasks
2012-11-20 20:28:30 ----D---- C:\windows\system32\Tasks
2012-11-20 20:28:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-20 20:27:57 ----D---- C:\windows\Help
2012-11-20 20:27:45 ----D---- C:\windows\winsxs
2012-11-20 20:25:12 ----SHD---- C:\windows\Installer
2012-11-20 20:25:04 ----RSD---- C:\windows\assembly
2012-11-20 20:23:30 ----D---- C:\Program Files (x86)\Hewlett-Packard
2012-11-20 20:21:13 ----HD---- C:\ProgramData
2012-11-20 20:19:17 ----D---- C:\swsetup
2012-11-19 01:32:37 ----D---- C:\Users\Ivet\AppData\Roaming\vlc
2012-11-17 13:03:31 ----D---- C:\windows\rescache
2012-11-17 12:42:40 ----D---- C:\windows\Microsoft.NET
2012-11-17 03:34:54 ----D---- C:\windows\SYSWOW64\en-US
2012-11-17 03:34:54 ----D---- C:\windows\SysWOW64
2012-11-17 03:34:54 ----D---- C:\windows\system32\en-US
2012-11-17 03:34:53 ----D---- C:\windows\system32\wbem
2012-11-17 03:34:53 ----D---- C:\windows\system32\drivers\en-US
2012-11-17 03:34:53 ----D---- C:\windows\system32\drivers
2012-11-17 03:34:51 ----D---- C:\windows\PolicyDefinitions
2012-11-17 03:34:50 ----D---- C:\windows\SYSWOW64\migration
2012-11-17 03:34:50 ----D---- C:\windows\system32\migration
2012-11-17 03:34:50 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-17 03:34:48 ----D---- C:\Program Files\Internet Explorer
2012-11-17 03:34:43 ----RSD---- C:\windows\Fonts
2012-11-17 03:18:29 ----D---- C:\ProgramData\Microsoft Help
2012-11-17 03:14:01 ----D---- C:\windows\system32\catroot
2012-11-17 03:07:31 ----D---- C:\windows\system32\catroot2
2012-11-17 03:04:32 ----A---- C:\windows\system32\MRT.exe
2012-11-17 02:22:23 ----D---- C:\FILMY
2012-11-16 23:14:53 ----D---- C:\Users\Ivet\AppData\Roaming\dvdcss
2012-11-14 11:35:06 ----D---- C:\windows\system32\DriverStore
2012-11-14 11:34:49 ----SD---- C:\ProgramData\Microsoft
2012-11-14 11:34:49 ----D---- C:\Program Files (x86)\Cisco
2012-11-14 11:11:26 ----D---- C:\Windows
2012-11-14 11:10:12 ----D---- C:\Program Files\Common Files
2012-11-12 00:41:00 ----D---- C:\Users\Ivet\AppData\Roaming\KeePass
2012-11-11 19:54:47 ----RD---- C:\Users
2012-11-11 19:47:18 ----D---- C:\temp
2012-11-11 10:52:20 ----DC---- C:\windows\system32\DRVSTORE
2012-11-06 20:20:58 ----D---- C:\Users\Ivet\AppData\Roaming\MahJong Suite
2012-10-30 23:32:17 ----SD---- C:\Users\Ivet\AppData\Roaming\Microsoft
2012-10-24 13:24:34 ----D---- C:\windows\system32\wdi
2012-10-23 23:59:41 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2012-10-23 23:52:32 ----D---- C:\Program Files (x86)\Microsoft Office
2012-10-23 23:51:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-23 23:48:11 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2012-02-08 100808]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2012-02-08 158920]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-05 279616]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-01 195584]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 CiscoSerial;CiscoPort; C:\windows\system32\DRIVERS\CiscoUsbConsoleWindowsDriver64.sys [2009-10-16 95232]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;Deterministic Network Enhancer Miniport; C:\windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-03-15 514736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-03-22 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-05-14 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-05-14 317440]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-07-16 173656]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-10-15 11471872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2010-12-21 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-01-09 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vpcbus;Virtual PC Host Bus Service; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;USB Virtualization Connector Service; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 acsock;acsock; C:\windows\system32\DRIVERS\acsock64.sys [2012-01-13 106408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-03-01 195584]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-03-03 63336]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2008-03-13 68800]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2012-04-13 85384]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-18 131416]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\windows\system32\DRIVERS\vpnva64.sys [2012-01-13 26536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2012-01-09 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-01 659976]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 atashost;WebEx Service Host for Support Center; C:\windows\SysWOW64\atashost.exe [2011-12-04 133944]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-03-08 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-04-01 485712]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-03-17 132152]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-03-10 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-02-08 1323008]
R2 MsDtsServer100;SQL Server Integration Services 10.0; C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-04-24 214880]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2011-04-24 42872672]
R2 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [2010-04-03 25768800]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-09 301568]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-08-23 3175728]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-01-13 476112]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-04-04 30776]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-23 136176]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-03-07 464512]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-23 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2011-04-24 367456]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

[vyosek]

Zdravim, pekny vecer preji a vitam vas u nas na foru

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[Marinne]

Ďakujem za uvítanie

Prikladám log:

# AdwCleaner v2.008 - Logfile created 11/21/2012 at 21:33:42
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Ivet - HP-IVET
# Boot Mode : Normal
# Running from : C:\Users\Ivet\Downloads\skola2\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Ivet\AppData\Local\Temp\Uninstall.exe
Folder Found : C:\Users\Ivet\AppData\Local\Conduit
Folder Found : C:\Users\Ivet\AppData\Local\Temp\CT3205709
Folder Found : C:\Users\Ivet\AppData\LocalLow\Conduit
Folder Found : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\CT3205709
Folder Found : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5}
Folder Found : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\Smartbar
Folder Found : C:\Users\Ivet\AppData\Roaming\pdfforge

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Description
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3205709

-\\ Mozilla Firefox v11.0 (cs)

Profile name : default
File : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\prefs.js

Found : user_pref("CT3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3205709.FirstTime", "true");
Found : user_pref("CT3205709.FirstTimeFF3", "true");
Found : user_pref("CT3205709.RevertSettingsEnabled", true);
Found : user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]
Found : user_pref("CT3205709.UserID", "UN71354275005519756");
Found : user_pref("CT3205709.autoDisableScopes", -1);
Found : user_pref("CT3205709.browser.search.defaultthis.engineName", true);
Found : user_pref("CT3205709.defaultSearch", "true");
Found : user_pref("CT3205709.enableAlerts", "always");
Found : user_pref("CT3205709.enableSearchFromAddressBar", "true");
Found : user_pref("CT3205709.firstTimeDialogOpened", "true");
Found : user_pref("CT3205709.fixPageNotFoundError", "true");
Found : user_pref("CT3205709.fixUrls", true);
Found : user_pref("CT3205709.installId", "secondoffer1.exe");
Found : user_pref("CT3205709.installType", "conduitnsisintegration");
Found : user_pref("CT3205709.isCheckedStartAsHidden", true);
Found : user_pref("CT3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3205709.isFirstTimeToolbarLoading", "false");
Found : user_pref("CT3205709.isPerformedSmartBarTransition", "true");
Found : user_pref("CT3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT3205709.keyword", true);
Found : user_pref("CT3205709.migrateAppsAndComponents", true);
Found : user_pref("CT3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Found : user_pref("CT3205709.openThankYouPage", "false");
Found : user_pref("CT3205709.openUninstallPage", "true");
Found : user_pref("CT3205709.revertSettingsEnabled", "false");
Found : user_pref("CT3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT3205709.serviceLayer_services_searchAPI_lastUpdate", "1353523191802");
Found : user_pref("CT3205709.serviceLayer_services_serviceMap_lastUpdate", "1353523191333");
Found : user_pref("CT3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1353523192003");
Found : user_pref("CT3205709.settingsINI", true);
Found : user_pref("CT3205709.shouldFirstTimeDialog", "false");
Found : user_pref("CT3205709.smartbar.CTID", "CT3205709");
Found : user_pref("CT3205709.smartbar.Uninstall", "0");
Found : user_pref("CT3205709.smartbar.homepage", true);
Found : user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 ");
Found : user_pref("CT3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=1[...]
Found : user_pref("Smartbar.ConduitSearchEngineList", "BrotherSoft Extreme3 Customized Web Search");
Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709[...]
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3205709");
Found : user_pref("browser.search.selectedEngine", "BrotherSoft Extreme3 Customized Web Search");
Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13&CUI[...]
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&q=[...]
Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13[...]
Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ivet\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=48" ]
Found [l.1882] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [6832 octets] - [21/11/2012 21:33:42]

########## EOF - C:\AdwCleaner[R1].txt - [6892 octets] ##########

[vyosek]

Poprosim jeste o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Marinne]

Ok. RSIT info.txt:

info.txt logfile of random's system information tool 1.09 2012-11-21 20:21:55

======Uninstall list======

7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
Adobe Community Help-->msiexec /qb /x {A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}
Adobe Community Help-->MsiExec.exe /I{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin 64-bit-->C:\windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Photoshop Elements 10-->msiexec /i {EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF} NOT_STANDALONE=1 /l* C:\Users\Ivet\AppData\Local\Temp\PSE10Uninstall.log
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Apple Application Support-->MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
Apple Mobile Device Support-->MsiExec.exe /I{439760BC-7737-4386-9B1D-A90A3E8A22EA}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ArcSoft Camera Suite-->MsiExec.exe /I{5B2E4D40-16FA-40A0-B510-A50FA8F72D6A}
ArcSoft Camera Suite-->MsiExec.exe /X {5B2E4D40-16FA-40A0-B510-A50FA8F72D6A}
ArcSoft Webcam Sharing Manager-->MsiExec.exe /X{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5-->MsiExec.exe /I{E031338C-839D-4EDD-9537-99B653C39D81}
Bonjour-->MsiExec.exe /X{CA0D2F09-F811-48D4-843E-C87696C6A9D9}
Broadcom 2070 Bluetooth 3.0-->MsiExec.exe /X{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
Cisco AnyConnect Secure Mobility Client -->C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\Uninstall.exe -remove
Cisco AnyConnect Secure Mobility Client-->MsiExec.exe /X{85BE320B-A37D-42DA-B9BE-20A40B6A05E3}
Cisco Jabber Video for TelePresence-->MsiExec.exe /X{4981497E-94BC-4766-A4F5-D8670C28D292}
Cisco Systems VPN Client 5.0.07.0440-->MsiExec.exe /X{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}
CiscoVirtualCom(x64)-->MsiExec.exe /I{4741C69E-1B4E-43DA-9598-7F94BA6B66E7}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{0B2EBADB-F07C-4EE1-93A7-0B5F0A64954B}" "1029" "0"
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{0B2EBADB-F07C-4EE1-93A7-0B5F0A64954B}" "1033" "0"
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
Drive Encryption For HP ProtectTools-->MsiExec.exe /X{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}
Embedded Security for HP ProtectTools-->MsiExec.exe /X{87821717-5688-4AE6-887A-6B11571D0CD7}
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
Evernote v. 4.5.8-->MsiExec.exe /X{DED01768-E634-11E1-AEB0-984BE15F174E}
Face Recognition for HP ProtectTools-->MsiExec.exe /X{D3A775F2-2674-4452-8D80-1FC1446052EE}
Facebook Video Calling 1.2.0.287-->MsiExec.exe /X{B92C5909-1D37-4C51-8397-A28BB28E5DC3}
File Sanitizer For HP ProtectTools-->MsiExec.exe /I{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
GDR 1617 for SQL Server 2008 R2 (KB2494088)-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB2494088\GDR\setup.exe" /Action=RemovePatch /AllInstances /x86
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Talk Plugin-->MsiExec.exe /I{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\windows\SysWOW64\msiexec.exe /package {4ECF4BDC-8387-329A-ABE9-CF5798F84BB2} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\windows\SysWOW64\msiexec.exe /package {4ECF4BDC-8387-329A-ABE9-CF5798F84BB2} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\windows\SysWOW64\msiexec.exe /package {4ECF4BDC-8387-329A-ABE9-CF5798F84BB2} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\windows\SysWOW64\msiexec.exe /package {4ECF4BDC-8387-329A-ABE9-CF5798F84BB2} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\windows\SysWOW64\msiexec.exe /package {4ECF4BDC-8387-329A-ABE9-CF5798F84BB2} /uninstall /qb+ REBOOTPROMPT=""
HP 3D DriveGuard-->MsiExec.exe /X{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}
HP Auto-->MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Backlit Keyboard Controls-->MsiExec.exe /X{CD4F3229-4A37-463F-98A3-3DEEEEE8492C}
HP Connection Manager-->MsiExec.exe /X{4B21E4B2-89B8-499D-803A-34ABF929401E}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP DayStarter-->MsiExec.exe /X{483D5A49-A26B-4CB8-AA2D-0D1811322061}
HP Documentation-->MsiExec.exe /X{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{6357258D-2BF9-49E7-A9EF-0C609D52C46D}
HP Hotkey Support-->MsiExec.exe /X{C97CC14E-4789-4FC5-BC75-79191F7CE009}
HP Power Assistant-->MsiExec.exe /X{CF9ACC81-C8C3-4BD1-BD1F-FE13CF344E20}
HP ProtectTools Security Manager-->c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe
HP ProtectTools Security Manager-->MsiExec.exe /X{D856C86A-6D49-4A32-BBC2-54714EAF2CA0}
HP QuickWeb-->MsiExec.exe /X{72CD20B8-55F3-4B4F-A44F-E381232E84ED}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}\setup.exe" -l0x9 -removeonly
HP SoftPaq Download Manager-->MsiExec.exe /I{FE465061-894A-4023-8580-56FCDD4F23F9}
HP Software Framework-->MsiExec.exe /X{6EBAF52D-9558-4D6D-B7E7-3DD213206285}
HP Software Setup-->MsiExec.exe /X{531000B3-DBEE-4115-BBF3-DA48B67C053F}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP System Default Settings-->MsiExec.exe /X{954079D6-28E0-417D-AC43-F728E3CB7CE5}
HP Wallpaper-->MsiExec.exe /I{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}
HP Webcam Driver-->C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Identity Protection Technology 1.1.2.0-->MsiExec.exe /X{C01A86F5-56E7-101F-9BC9-E3F1025EB779}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{705EE775-5776-48FD-B704-C3C9CF535420}
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}
Java(TM) 6 Update 32-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216032FF}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
KeePass Password Safe 2.20.1-->"C:\Program Files (x86)\KeePass Password Safe 2\unins000.exe"
LINGO 13.0/x64-->MsiExec.exe /X{AADADAD4-3086-43E8-9CB0-187265989761}
MahJong Suite 2010 v7.1-->"C:\Program Files (x86)\MahJong Suite\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0054-0409-1000-0000000FF1CE}" "{7DC2B20B-31B9-4C7C-B8DC-8492A9A3095E}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{70A3169E-288F-454F-A08D-20DF66639B50}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{0242505C-4E90-407F-9299-B5B275F50D86}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{0242505C-4E90-407F-9299-B5B275F50D86}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-1000-0000000FF1CE}" "{B51389C8-2890-4633-81D8-47D2A7402274}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-1000-0000000FF1CE}" "{1779650B-2E44-4A19-8DF6-3866D645764A}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{715203B3-AD16-41A4-B13C-E1065EAB8963}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-1000-0000000FF1CE}" "{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{15D45352-C443-406A-9DF2-EF4A750A40CF}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0409-1000-0000000FF1CE}" "{FCD1C311-8B02-4DBD-BA46-1079C629577E}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{4B8654FE-410D-462C-9B3C-09D031BF4534}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-1000-0000000FF1CE}" "{516CA4A9-98E6-4F77-A863-CBD8487368E4}" "1033" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0405-1000-0000000FF1CE}" "{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-1000-0000000FF1CE}" "{516CA4A9-98E6-4F77-A863-CBD8487368E4}" "1033" "0"
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (English) 2010-->MsiExec.exe /X{90140000-0043-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-1000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-1000-0000000FF1CE}
Microsoft Office Visio 2010-->MsiExec.exe /X{90140000-0057-0000-1000-0000000FF1CE}
Microsoft Office Visio MUI (English) 2010-->MsiExec.exe /X{90140000-0054-0409-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Report Viewer Redistributable 2008 SP1-->C:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft Report Viewer Redistributable 2008 (KB971119)\install.exe
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 R2 Books Online-->MsiExec.exe /I{74F7B314-0507-4F91-9A4E-B6C9B027E410}
Microsoft SQL Server 2008 R2 Native Client-->MsiExec.exe /I{362A3FDF-B12E-436A-9097-1B795A9FFCC5}
Microsoft SQL Server 2008 R2 Policies-->MsiExec.exe /I{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}
Microsoft SQL Server 2008 R2 RsFx Driver-->MsiExec.exe /I{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}
Microsoft SQL Server 2008 R2 Setup (English)-->MsiExec.exe /X{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}
Microsoft SQL Server 2008 R2 Setup (English)-->MsiExec.exe /X{76866BE3-B2C7-40BB-B267-927792AED0C3}
Microsoft SQL Server 2008 R2-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x86\SetupARP.exe" /X86
Microsoft SQL Server 2008 R2-->"c:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x86\SetupARP.exe" /x86
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{D441BD04-E548-4F8E-97A4-1B66135BAAA8}
Microsoft SQL Server Browser-->MsiExec.exe /X{BF9BF038-FE03-429D-9B26-2FA0FD756052}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU-->MsiExec.exe /I{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}
Microsoft Visio 2010 Service Pack 1 (SP1)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{9081486B-B26D-42DB-8D31-81C525A9526A}" "1033" "0"
Microsoft Visio Premium 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall VISIO /dll OSETUP.DLL
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU-->MsiExec.exe /I{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}
Miranda IM 0.9.37-->C:\Program Files (x86)\Miranda IM\Uninstall.exe
Mozilla Firefox 11.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
Privacy Manager for HP ProtectTools-->MsiExec.exe /I{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}
PSE10 STI Installer-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{11D08055-939C-432b-98C3-E072478A0CD7}"
QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}
Scratch-->C:\Program Files (x86)\Scratch\uninstall.exe
SDK-->"C:\Program Files (x86)\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -runfromtemp -l0x0409
Secure Download Manager-->MsiExec.exe /I{6CEF2BC6-8929-44EE-8360-175513E1A49A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{D2EC0616-5207-48E4-8AC2-478F107EF383}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{CE5FC4A7-94EC-40C7-B292-673DBA671209}" "1029" "0"
Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{5131017A-63D7-4B4D-9A15-C704C91177B2}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{527AC538-7A51-40A5-89D7-5C1FEBBEA4C3}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{527AC538-7A51-40A5-89D7-5C1FEBBEA4C3}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{C4BF81CC-3786-4CE4-9D9F-DD393678B9EC}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{EE3E81CC-0C80-4939-A9EA-FC2B219CAFDD}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{EE3E81CC-0C80-4939-A9EA-FC2B219CAFDD}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{EE3E81CC-0C80-4939-A9EA-FC2B219CAFDD}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{EE3E81CC-0C80-4939-A9EA-FC2B219CAFDD}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{0F6C4F72-6084-437B-9B35-F59B09E3C1B0}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{7C04E5C7-C747-43DE-B648-09B97811D93E}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{7C04E5C7-C747-43DE-B648-09B97811D93E}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{297E6E47-5F6E-4DD8-B880-75944B5C1C7C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{297E6E47-5F6E-4DD8-B880-75944B5C1C7C}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{9749495F-8851-4FD5-9864-EE227F31E0A1}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{9749495F-8851-4FD5-9864-EE227F31E0A1}" "1033" "0"
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{2B4B504B-6620-4FFD-94CB-3D640AB3FCD2}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{2B4B504B-6620-4FFD-94CB-3D640AB3FCD2}" "1033" "0"
Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{3E112FB8-14E5-4088-80AC-574FC376BCFE}" "1029" "0"
Security Update for Microsoft Visio 2010 (KB2597171) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{5545E057-44FE-4373-BA5B-97CF65862323}" "1033" "0"
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{36B568AE-78F1-45EF-A7BF-EF0419904A21}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2553488) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{CA3729AF-0755-48A9-9CD4-3BA7D61E3DE9}" "1029" "0"
SQL Server 2008 R2 Analysis Services-->MsiExec.exe /I{6249567F-65C3-4EE7-B023-E4FA035B0520}
SQL Server 2008 R2 Analysis Services-->MsiExec.exe /I{DAA8590D-D93E-4697-9CBE-D96A7590A8E3}
SQL Server 2008 R2 BI Development Studio-->MsiExec.exe /I{143203CB-9E09-4D9D-91F1-D000EC6E1F87}
SQL Server 2008 R2 BI Development Studio-->MsiExec.exe /I{2BF7DF19-F716-4986-AD4A-3AF6ACFEEE14}
SQL Server 2008 R2 Client Tools-->MsiExec.exe /I{51032BDF-67CD-4160-A662-26BAEFA346D6}
SQL Server 2008 R2 Client Tools-->MsiExec.exe /I{9ACDACC7-0095-40F1-8033-0DB95C920678}
SQL Server 2008 R2 Common Files-->MsiExec.exe /I{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}
SQL Server 2008 R2 Common Files-->MsiExec.exe /I{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}
SQL Server 2008 R2 Database Engine Services-->MsiExec.exe /I{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}
SQL Server 2008 R2 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
SQL Server 2008 R2 Database Engine Shared-->MsiExec.exe /I{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}
SQL Server 2008 R2 Database Engine Shared-->MsiExec.exe /I{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}
SQL Server 2008 R2 Integration Services-->MsiExec.exe /I{04D1DF8F-2D00-44F8-8094-5A8822354B89}
SQL Server 2008 R2 Integration Services-->MsiExec.exe /I{501A312A-05FE-431B-8E9D-52DC45B2DE92}
SQL Server 2008 R2 Management Studio-->MsiExec.exe /I{020617D7-2F72-4D02-BF59-A5CBC1761177}
SQL Server 2008 R2 Management Studio-->MsiExec.exe /I{121475F5-2598-4574-8801-8F6B3D6A99BB}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{93998800-1608-403F-9A51-420A77D23C25}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Theft Recovery for HP ProtectTools-->"C:\Program Files (x86)\InstallShield Installation Information\{ADC70B7A-530B-46E3-8384-48D22681A41E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Theft Recovery for HP ProtectTools-->MsiExec.exe /X{ADC70B7A-530B-46E3-8384-48D22681A41E}
Total Commander (Remove or Repair)-->C:\Program Files (x86)\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{428CB7A0-1068-4CE1-8835-39C7ECD297ED}" "1029" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{428CB7A0-1068-4CE1-8835-39C7ECD297ED}" "1033" "0"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{57CEB66B-DD29-4883-92A2-671331657B52}" "1029" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1029" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-1000-0000000FF1CE}" "{E636FE63-842B-4F4B-9884-DA189ACC0B91}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1033" "0"
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}" "1033" "0"
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}" "1029" "0"
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{2B00A738-659A-4E52-9391-D334FA0E64CB}" "1029" "0"
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{74D7080E-57AC-419D-9AA0-D277114D213F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-1000-0000000FF1CE}" "{DC366AAD-10AA-4FB2-9D17-5DA0A4E76477}" "1033" "0"
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-1000-0000000FF1CE}" "{CC54F5F1-51C0-4038-B3B0-42F1DCA806C4}" "1033" "0"
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{CC893AFB-89DA-4B37-83BF-4FB331B7598C}" "1029" "0"
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{CC893AFB-89DA-4B37-83BF-4FB331B7598C}" "1033" "0"
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{AA6D5594-6D8A-4E53-A929-33E8FA9AA4C4}" "1029" "0"
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-1000-0000000FF1CE}" "{D9CF6D64-9342-4C83-A9C1-F45DE139F2A7}" "1033" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}" "1029" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}" "1033" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1029" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1029" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1033" "0"
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0057-0000-1000-0000000FF1CE}" "{7750DF63-F5DC-4198-8B8B-AE03B212F462}" "1033" "0"
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{58C6A6DF-1367-4D06-A002-5498B4182EEB}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A3E1581D-1628-43DB-98B6-84ACE7E74AAD}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A3E1581D-1628-43DB-98B6-84ACE7E74AAD}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A3E1581D-1628-43DB-98B6-84ACE7E74AAD}" "1033" "0"
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{57DCA0CF-8734-4468-9A3A-E6B1A760B02B}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{C0BDCFB8-AD84-46A9-8F49-60A7A5EDFF93}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{7861C766-2AA2-4A50-AB75-A57D451CEA76}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{37389B1A-BDF2-49D7-AF0D-B6B793863502}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{E1757044-ECB2-4551-B1D5-5E39F7E109CE}" "1033" "0"
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{BFA2D2A7-4FAC-4862-B7A3-960B329C2177}
VIP Access SDK (1.0.0.55) -->C:\Program Files\Symantec\VIP Access SDK\uninstall.exe
VLC media player 2.0.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.01 (32-bit)-->C:\Users\Ivet\Downloads\winRaR\uninstall.exe

======Hosts File======

127.0.0.1 activate.adobe.com

======System event log======

Computer Name: hp-ivet
Event Code: 27
Message: Intel(R) 82579LM Gigabit Network Connection
Network link is disconnected.

Record Number: 20289
Source Name: e1cexpress
Time Written: 20120317100113.522115-000
Event Type: Warning
User:

Computer Name: hp-ivet
Event Code: 541
Message: An operation in progress was interrupted by a power management event.
Record Number: 20278
Source Name: Microsoft-Windows-TBS
Time Written: 20120317001236.755529-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: hp-ivet
Event Code: 27
Message: Intel(R) 82579LM Gigabit Network Connection
Network link is disconnected.

Record Number: 20274
Source Name: e1cexpress
Time Written: 20120317001229.571118-000
Event Type: Warning
User:

Computer Name: hp-ivet
Event Code: 1014
Message: Name resolution for the name isatap.casa timed out after none of the configured DNS servers responded.
Record Number: 20253
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20120316185404.001486-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: hp-ivet
Event Code: 27
Message: Intel(R) 82579LM Gigabit Network Connection
Network link is disconnected.

Record Number: 20247
Source Name: e1cexpress
Time Written: 20120316185357.549117-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: hp-ivet
Event Code: 100
Message: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
Record Number: 39344
Source Name: Bonjour Service
Time Written: 20120616125310.000000-000
Event Type: Error
User:

Computer Name: hp-ivet
Event Code: 6
Message: User identification failed: Result:0x00000169.
Record Number: 39339
Source Name: Validity USDK
Time Written: 20120616122255.000000-000
Event Type: Warning
User:

Computer Name: hp-ivet
Event Code: 100
Message: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
Record Number: 39338
Source Name: Bonjour Service
Time Written: 20120616120330.000000-000
Event Type: Error
User:

Computer Name: hp-ivet
Event Code: 100
Message: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
Record Number: 39337
Source Name: Bonjour Service
Time Written: 20120616120330.000000-000
Event Type: Error
User:

Computer Name: hp-ivet
Event Code: 100
Message: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
Record Number: 39332
Source Name: Bonjour Service
Time Written: 20120616120320.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: hp-ivet
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2678
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111204005558.878228-000
Event Type: Audit Success
User:

Computer Name: hp-ivet
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: HP-IVET$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x280
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2677
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111204005558.878228-000
Event Type: Audit Success
User:

Computer Name: hp-ivet
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2676
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111204005558.644227-000
Event Type: Audit Success
User:

Computer Name: hp-ivet
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: HP-IVET$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x280
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2675
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111204005558.644227-000
Event Type: Audit Success
User:

Computer Name: hp-ivet
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2935871942-279472356-996670657-1001
Account Name: Ivet
Domain Name: hp-ivet
Logon ID: 0x45e8e
Record Number: 2674
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111204005557.458625-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Intel\Services\IPT\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Users\Ivet\Downloads\Lingo\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"OnlineServices"=Online Services
"Platform"=BNB
"PCBRAND"=m
"PTSMInstallPath_X86"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"LINGO64_13_LICENSE_FILE"=C:\Users\Ivet\Downloads\Lingo\lndlng13.lic

-----------------EOF-----------------



výstup z AdwCleaner:

# AdwCleaner v2.008 - Logfile created 11/21/2012 at 21:43:33
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Ivet - HP-IVET
# Boot Mode : Normal
# Running from : C:\Users\Ivet\Downloads\skola2\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Ivet\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Users\Ivet\AppData\Local\Conduit
Folder Deleted : C:\Users\Ivet\AppData\Local\Temp\CT3205709
Folder Deleted : C:\Users\Ivet\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\CT3205709
Folder Deleted : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5}
Folder Deleted : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\Smartbar
Folder Deleted : C:\Users\Ivet\AppData\Roaming\pdfforge

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Description
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT3205709 --> hxxp://www.google.com

-\\ Mozilla Firefox v11.0 (cs)

Profile name : default
File : C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\prefs.js

Deleted : user_pref("CT3205709.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3205709.FirstTime", "true");
Deleted : user_pref("CT3205709.FirstTimeFF3", "true");
Deleted : user_pref("CT3205709.RevertSettingsEnabled", true);
Deleted : user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT320[...]
Deleted : user_pref("CT3205709.UserID", "UN71354275005519756");
Deleted : user_pref("CT3205709.autoDisableScopes", -1);
Deleted : user_pref("CT3205709.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3205709.defaultSearch", "true");
Deleted : user_pref("CT3205709.enableAlerts", "always");
Deleted : user_pref("CT3205709.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3205709.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3205709.fixPageNotFoundError", "true");
Deleted : user_pref("CT3205709.fixUrls", true);
Deleted : user_pref("CT3205709.installId", "secondoffer1.exe");
Deleted : user_pref("CT3205709.installType", "conduitnsisintegration");
Deleted : user_pref("CT3205709.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3205709.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3205709.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3205709.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3205709.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3205709.keyword", true);
Deleted : user_pref("CT3205709.migrateAppsAndComponents", true);
Deleted : user_pref("CT3205709.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Deleted : user_pref("CT3205709.openThankYouPage", "false");
Deleted : user_pref("CT3205709.openUninstallPage", "true");
Deleted : user_pref("CT3205709.revertSettingsEnabled", "false");
Deleted : user_pref("CT3205709.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3205709.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3205709.serviceLayer_services_searchAPI_lastUpdate", "1353523191802");
Deleted : user_pref("CT3205709.serviceLayer_services_serviceMap_lastUpdate", "1353523191333");
Deleted : user_pref("CT3205709.serviceLayer_services_toolbarSettings_lastUpdate", "1353523192003");
Deleted : user_pref("CT3205709.settingsINI", true);
Deleted : user_pref("CT3205709.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3205709.smartbar.CTID", "CT3205709");
Deleted : user_pref("CT3205709.smartbar.Uninstall", "0");
Deleted : user_pref("CT3205709.smartbar.homepage", true);
Deleted : user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 ");
Deleted : user_pref("CT3205709_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BrotherSoft Extreme3 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3205709");
Deleted : user_pref("browser.search.selectedEngine", "BrotherSoft Extreme3 Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13&CUI[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3205709&SearchSource=2&q=[...]
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=13[...]
Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ivet\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=48"[...]
Deleted [l.1882] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3205709&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [6955 octets] - [21/11/2012 21:33:42]
AdwCleaner[S1].txt - [6925 octets] - [21/11/2012 21:43:33]

########## EOF - C:\AdwCleaner[S1].txt - [6985 octets] ##########

[vyosek]

Uz to vypada hned lepe, ale jeste kouknem dukladneji

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Marinne]

OTL.txt:

OTL logfile created on: 11/21/2012 10:16:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ivet\Downloads\skola2
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

3.91 Gb Total Physical Memory | 1.59 Gb Available Physical Memory | 40.75% Memory free
7.82 Gb Paging File | 4.54 Gb Available in Paging File | 58.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.86 Gb Total Space | 237.68 Gb Free Space | 53.19% Space Free | Partition Type: NTFS
Drive E: | 13.61 Gb Total Space | 2.01 Gb Free Space | 14.79% Space Free | Partition Type: NTFS
Drive F: | 4.98 Gb Total Space | 2.12 Gb Free Space | 42.63% Space Free | Partition Type: FAT32

Computer Name: HP-IVET | User Name: Ivet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/11/21 22:14:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ivet\Downloads\skola2\OTL.exe
PRC - [2012/08/14 09:52:28 | 001,014,624 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/07/12 14:40:15 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Ivet\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/06/20 12:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012/06/07 03:02:30 | 027,502,520 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/01 14:34:23 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/15 10:40:04 | 005,981,144 | ---- | M] (Cisco) -- C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe
PRC - [2012/02/08 11:44:04 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
PRC - [2012/02/08 11:10:00 | 001,323,008 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2012/01/13 18:18:07 | 000,527,312 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012/01/13 18:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011/12/04 03:15:26 | 000,133,944 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/05 20:13:46 | 001,094,712 | ---- | M] (Hewlett-Packard Development Company L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/04/04 23:46:48 | 000,030,776 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2011/04/01 21:45:50 | 000,821,584 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2011/03/31 00:57:28 | 000,076,344 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/03/16 19:26:42 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011/03/16 19:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/03/10 20:08:00 | 012,277,760 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2011/03/10 20:07:52 | 000,320,512 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011/03/04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2011/02/24 09:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/01/28 18:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011/01/26 18:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
PRC - [2011/01/20 06:50:16 | 000,329,056 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2011/01/20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2011/01/20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
PRC - [2011/01/17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/01/17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 07:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
PRC - [2010/11/11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2010/07/30 04:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/07/30 09:06:58 | 001,100,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe
PRC - [2007/01/01 22:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/17 12:38:03 | 003,213,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\6cd88ea5c8a720aba8dac5c0a3999b95\Microsoft.Windows.Design.Markup.ni.dll
MOD - [2012/11/17 12:38:01 | 000,048,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ff1611b3f7c26c41676e9f173ea1a577\Microsoft.Windows.Design.Host.ni.dll
MOD - [2012/11/17 12:37:57 | 000,676,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a96c89efe5818b287bb891c60bc9c2c1\Microsoft.VisualStudio.Xaml.LanguageService.ni.dll
MOD - [2012/11/17 12:37:31 | 000,035,840 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d00334e658aecf44bf8ca2605576ec3d\Microsoft.SqlServer.PolicyEnum.ni.dll
MOD - [2012/11/17 12:37:21 | 000,073,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\38e0111f415cdcf90411454dc12f91c9\Microsoft.SqlServer.BatchParserClient.ni.dll
MOD - [2012/11/17 12:36:42 | 000,220,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c07aa49ffd41a39bffaf653289f44038\CustomMarshalers.ni.dll
MOD - [2012/11/17 12:35:36 | 000,225,792 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\ObjectExplorerRepli#\f89e7e09fc373842d976ab40ed451735\ObjectExplorerReplication.ni.dll
MOD - [2012/11/17 12:35:31 | 000,141,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\783f3006f8c7eafb8e7763834f48a690\Microsoft.SqlServer.Management.SqlStudio.Migration.ni.dll
MOD - [2012/11/17 12:35:30 | 000,129,024 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7adbdf20eff61eceb1fed5193a2f95fa\Microsoft.SqlServer.Management.SqlStudio.ni.dll
MOD - [2012/11/17 12:35:08 | 000,773,120 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\03c9fc038fb6dc3e390471b3fda433b1\Microsoft.SqlServer.Management.SqlStudio.Explorer.ni.dll
MOD - [2012/11/17 12:34:41 | 000,074,240 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\msddslmp\b75a33087616af870417b3a1a61b3aeb\msddslmp.ni.dll
MOD - [2012/11/17 12:34:41 | 000,061,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\94ae657ae162ed15648813bb6d127e33\Microsoft.DataWarehouse.Layout.ni.dll
MOD - [2012/11/17 12:34:40 | 001,212,416 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataTrans#\ef9ee6841da6eaebcadf5c4198cc4a75\Microsoft.DataTransformationServices.Wizards.ni.dll
MOD - [2012/11/17 12:34:38 | 000,744,448 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataTrans#\20a1ea2329f78e75f5bdabaf42de9878\Microsoft.DataTransformationServices.VsIntegration.ni.dll
MOD - [2012/11/17 12:34:33 | 007,483,392 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataTrans#\590c14b4bd35e9810f81397e747f1bee\Microsoft.DataTransformationServices.Design.ni.dll
MOD - [2012/11/17 12:34:30 | 002,192,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Datatrans#\1cbef4da607817ba21ec2b4c1eabda68\Microsoft.DatatransformationServices.DataFlowUI.ni.dll
MOD - [2012/11/17 12:34:26 | 002,778,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.AnalysisS#\cf2d091ad9f732d838ab8fd298893031\Microsoft.AnalysisServices.Project.ni.dll
MOD - [2012/11/17 12:34:00 | 004,303,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\ObjectExplorer\6f4689e01b70d04227b44fa45ba3085f\ObjectExplorer.ni.dll
MOD - [2012/11/17 12:33:47 | 009,594,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7cf3cc5e9e9b13f8d87f1c093ac3a6ea\Microsoft.SqlServer.Management.Reports.ni.dll
MOD - [2012/11/17 12:33:45 | 001,431,040 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\AppIDPackage\3bc21a93b8423fcf0fbed3c1e3956100\AppIDPackage.ni.dll
MOD - [2012/11/17 12:33:23 | 000,066,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b8c8a5195efece3cead77109bbdfd18e\Microsoft.SqlServer.Instapi.ni.dll
MOD - [2012/11/17 12:33:22 | 000,450,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\4158bf3660681f68b4269c24c8390799\Microsoft.VisualStudio.Debugger.Interop.ni.dll
MOD - [2012/11/17 12:33:21 | 000,668,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5d7455921d33bfab95b9be1f5cca253a\Microsoft.SqlServer.SqlTools.VSIntegration.ni.dll
MOD - [2012/11/17 12:33:20 | 000,351,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\ebc909637f3786b9bf0f8030a797bdec\Microsoft.SqlServer.Management.SDK.SqlStudio.ni.dll
MOD - [2012/11/17 12:33:19 | 000,076,288 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\DdsShapesLib\d9ab1c1ec30539802c165c395fa5b0cd\DdsShapesLib.ni.dll
MOD - [2012/11/17 12:33:18 | 000,121,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\03a6deef8464b174438c75cdbbcc5999\Microsoft.SqlServer.Sqm.ni.dll
MOD - [2012/11/17 12:33:17 | 000,275,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\24a8932e98b5596d9f35684d524cbf1b\Microsoft.SqlServer.Management.UserSettings.ni.dll
MOD - [2012/11/17 12:33:17 | 000,205,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\59a21958c2d3e587106911acf244355f\Microsoft.SqlServer.Management.RegisteredServers.ni.dll
MOD - [2012/11/17 12:33:17 | 000,078,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\8de183546e9d8e0160808b075d121708\Microsoft.DataWarehouse.SQM.ni.dll
MOD - [2012/11/17 12:33:16 | 000,787,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5d2c9ac5400419ea2f55e3388604d51a\Microsoft.SqlServer.Management.Controls.ni.dll
MOD - [2012/11/17 12:33:15 | 001,195,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\ConnectionDlg\17dc15ea3c9b599ec1f382cebf00ea24\ConnectionDlg.ni.dll
MOD - [2012/11/17 12:32:54 | 000,096,256 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SqlWorkbench.Interf#\a7e24d7932530fa733ce1ef6a9cde805\SqlWorkbench.Interfaces.ni.dll
MOD - [2012/11/17 12:32:53 | 005,406,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SqlMgmt\05169ae18ab57bacfd707819b6fc8748\SqlMgmt.ni.dll
MOD - [2012/11/17 12:32:46 | 000,341,504 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\msddsp\d4b9dd35a4b82ff2241c7df22b7be3ca\msddsp.ni.dll
MOD - [2012/11/17 12:32:40 | 000,053,248 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataWareh#\9e1b2c2b913282e12fc34b7db6514805\Microsoft.DataWarehouse.Interfaces.ni.dll
MOD - [2012/11/17 12:32:30 | 003,009,536 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.AnalysisS#\e456bd69058e2ae957cc6bb1f7f5481f\Microsoft.AnalysisServices.ni.dll
MOD - [2012/11/17 12:32:20 | 000,152,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\955208f1a0196c3ad3a010ca657a9984\Microsoft.SqlServer.PipelineXML.ni.dll
MOD - [2012/11/17 12:32:03 | 001,281,536 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\94d1ee431dcfa6ec05c6e7fb9274e23d\Microsoft.SqlServer.Dmf.ni.dll
MOD - [2012/11/17 12:32:02 | 001,575,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\359b04228902870716215afd0bc3464a\Microsoft.SqlServer.SqlEnum.ni.dll
MOD - [2012/11/17 12:32:01 | 006,714,368 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1bcd0a8f8e178078a6c5c00fb907fd9c\Microsoft.SqlServer.Smo.ni.dll
MOD - [2012/11/17 12:31:56 | 000,766,976 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\766412ea4e87cc00172b94cbcab819cc\System.Data.SqlServerCe.ni.dll
MOD - [2012/11/17 12:31:56 | 000,640,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\936e6c0cc3e9b3bd783eed203c0be346\Microsoft.SqlServer.BatchParser.ni.dll
MOD - [2012/11/17 12:31:55 | 000,134,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\682eb2a660978d95a7732c268e18c276\Microsoft.SqlServer.SQLTask.ni.dll
MOD - [2012/11/17 12:31:54 | 000,876,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\cf3d4cb49cff1277025dac8941a47b09\Microsoft.VisualStudio.Shell.9.0.ni.dll
MOD - [2012/11/17 12:31:54 | 000,075,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\20cbbc56cfd46a7ef696c00e9bf11992\Microsoft.VisualStudio.Shell.Interop.9.0.ni.dll
MOD - [2012/11/17 12:31:54 | 000,022,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9160b6cdf99b93b51c9de80b02e207ed\Microsoft.VisualStudio.Designer.Interfaces.ni.dll
MOD - [2012/11/17 12:31:53 | 000,513,536 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\95d75d9f0099392a4c511c3a539d3a53\Microsoft.VisualStudio.Shell.Design.ni.dll
MOD - [2012/11/17 12:31:52 | 000,577,024 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\0942f729727705e91b77c585b8d5a2ba\Microsoft.VisualStudio.Shell.Interop.ni.dll
MOD - [2012/11/17 12:31:52 | 000,373,248 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d4f6081203c7c3e59dd9d6d1c92a4f6a\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
MOD - [2012/11/17 12:31:52 | 000,306,176 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\71621c5a28550d80e0c3707a8da6ed26\Microsoft.VisualStudio.OLE.Interop.ni.dll
MOD - [2012/11/17 12:31:52 | 000,281,088 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2e72b017843a60d2563dade76b8e498f\Microsoft.VisualStudio.TextManager.Interop.ni.dll
MOD - [2012/11/17 12:31:52 | 000,124,416 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\a6af756967fb8802e8fcef179a9bd939\Microsoft.VisualStudio.TextManager.Interop.8.0.ni.dll
MOD - [2012/11/17 12:31:51 | 000,838,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9bbeeaf18ef6962e68830f9a8f5c8608\Microsoft.VisualStudio.Shell.ni.dll
MOD - [2012/11/17 12:31:42 | 001,000,448 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\420a401dc134bad330410dc6553b2ef0\Microsoft.SqlServer.WizardFramework.ni.dll
MOD - [2012/11/17 12:31:42 | 000,573,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE\63de08aaf304edf7521b52c2f3b3aa2c\EnvDTE.ni.dll
MOD - [2012/11/17 12:31:42 | 000,044,032 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\stdole\98c84156dd4209270c2a354ca97c1d33\stdole.ni.dll
MOD - [2012/11/17 12:31:42 | 000,042,496 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9567118a22c24968276ac708f2feb165\Microsoft.SqlServer.SString.ni.dll
MOD - [2012/11/17 12:31:40 | 000,076,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3cf85d4f4f1824fef14a94cb0e9d9d6b\Microsoft.SqlServer.CustomControls.ni.dll
MOD - [2012/11/17 12:31:39 | 000,272,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\0b5ba333aa06619df2ffdd0e3431cca5\Microsoft.SqlServer.ConnectionInfo.ni.dll
MOD - [2012/11/17 12:31:39 | 000,235,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\b60f49574f7a6f81f291fa93f697daba\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
MOD - [2012/11/17 12:31:39 | 000,035,840 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b31e9827de607bbd88cc1efb266aec8c\Microsoft.SqlServer.Dts.Design.ni.dll
MOD - [2012/11/17 12:31:39 | 000,026,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5eb4b2b65d7229077e865dbe4d398ca9\Microsoft.SqlServer.SqlClrProvider.ni.dll
MOD - [2012/11/17 12:31:38 | 001,391,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\87bbe5aa233bff8d3116dfa95a8c5ae7\Microsoft.SqlServer.Management.Sdk.Sfc.ni.dll
MOD - [2012/11/17 12:31:38 | 000,128,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\7945d0c038633c2eddf0e246b1b88450\Microsoft.SqlServer.RegSvrEnum.ni.dll
MOD - [2012/11/17 12:31:37 | 000,532,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4b5374a7f482c752b6550a63fb7334a9\Microsoft.SqlServer.GridControl.ni.dll
MOD - [2012/11/17 12:31:37 | 000,175,104 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a3d1c9c25e45ebdfd28081df366ed8b0\Microsoft.SqlServer.DataStorage.ni.dll
MOD - [2012/11/17 12:31:36 | 001,604,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.DataTrans#\694e47aff65fa0b373d6711ef54010d4\Microsoft.DataTransformationServices.Controls.ni.dll
MOD - [2012/11/17 12:31:36 | 000,098,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\92d0e27a5d814fbc5f47d0eaf93b2e9a\Microsoft.SqlServer.DlgGrid.ni.dll
MOD - [2012/11/17 12:31:35 | 000,159,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e863d05448103b314b1d0e307e1ea752\Microsoft.SqlServer.DtsMsg.ni.dll
MOD - [2012/11/17 12:31:35 | 000,128,512 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\44f4c3f86e85dc55d56ab0e805e6aadb\Microsoft.SqlServer.DTSPipelineWrap.ni.dll
MOD - [2012/11/17 12:31:34 | 000,532,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d5ebbf5631a416405475113a54a10df1\Microsoft.SqlServer.Diagnostics.STrace.ni.dll
MOD - [2012/11/17 12:31:33 | 000,752,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1840a6e11485b10633d26b88b073b977\Microsoft.SqlServer.ManagedDTS.ni.dll
MOD - [2012/11/17 12:31:33 | 000,485,888 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\e62eaa5d311dbcb5b2f8cdf0347ac099\Microsoft.SqlServer.Msxml6_interop.ni.dll
MOD - [2012/11/17 12:31:33 | 000,041,472 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\21a859e62de03a3ff55ea34872d52998\Microsoft.SqlServer.SqlTDiagM.ni.dll
MOD - [2012/11/17 12:31:29 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
MOD - [2012/11/17 12:31:28 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\21303503faca86dc22acdb09dea9caa6\IAStorUtil.ni.dll
MOD - [2012/11/17 12:31:28 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\20e6ed751491ededa81930ae57e20a25\IAStorCommon.ni.dll
MOD - [2012/11/17 12:31:22 | 000,419,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\5c270f5d7dc8202acfdefbb945ef04bf\Microsoft.SqlServer.DTSRuntimeWrap.ni.dll
MOD - [2012/11/17 03:43:41 | 001,116,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\f87fac53ed95add78ce24d9bc0aff428\System.Data.OracleClient.ni.dll
MOD - [2012/11/17 03:43:40 | 000,208,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\5403cc0fad7c0ab314f6e7fb4cb28673\System.Drawing.Design.ni.dll
MOD - [2012/11/17 03:43:39 | 010,580,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\409c27bc1e434bf90f0df3d7096613bd\System.Design.ni.dll
MOD - [2012/11/17 03:43:34 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/17 03:43:30 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/17 03:43:29 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a30d7e65103254213dc62f238be50f97\System.EnterpriseServices.ni.dll
MOD - [2012/11/17 03:43:29 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll
MOD - [2012/11/17 03:43:28 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
MOD - [2012/11/17 03:43:11 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/17 03:43:06 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/17 03:43:05 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll
MOD - [2012/11/17 03:42:55 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/17 03:42:51 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3cdcb033f930eb60badfa4500d795edb\System.Xml.ni.dll
MOD - [2012/11/17 03:42:49 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/17 03:42:48 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/17 03:42:43 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/23 23:54:08 | 000,294,912 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio\2.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.dll
MOD - [2012/10/23 23:53:24 | 000,141,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.SqlServer.SQLTaskUI\10.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.SQLTaskUI.dll
MOD - [2012/10/23 23:51:30 | 000,370,528 | ---- | M] () -- C:\windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\10.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.BatchParser.dll
MOD - [2012/10/23 23:46:28 | 001,396,736 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Xaml\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Xaml.dll
MOD - [2012/10/23 23:46:06 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\VSLangProj.dll
MOD - [2012/10/23 23:45:54 | 000,012,288 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.XmlEditor\3.5.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.XmlEditor.dll
MOD - [2012/10/23 23:45:53 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Windows.Forms\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Windows.Forms.dll
MOD - [2012/10/23 23:45:51 | 000,348,160 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Package.LanguageService.9.0\3.5.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Package.LanguageService.9.0.dll
MOD - [2012/10/23 23:45:49 | 000,274,432 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.dll
MOD - [2012/10/23 23:45:48 | 000,671,744 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.CommonIDE\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.CommonIDE.dll
MOD - [2012/10/23 23:45:48 | 000,561,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Design\9.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Design.dll
MOD - [2012/05/14 17:12:08 | 013,903,872 | ---- | M] () -- C:\Windows\SysWOW64\ig4icd32.dll
MOD - [2012/04/01 14:34:23 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/03/16 14:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 14:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/02/16 03:35:01 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012/02/15 10:40:50 | 000,249,800 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\pango.dll
MOD - [2012/02/15 10:40:50 | 000,060,872 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\libz-0.dll
MOD - [2012/02/15 10:40:44 | 000,331,736 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\liboil-0.3-0.dll
MOD - [2012/02/15 10:40:42 | 000,037,864 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstwinscreencap.dll
MOD - [2012/02/15 10:40:40 | 000,045,528 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstwavparse.dll
MOD - [2012/02/15 10:40:40 | 000,027,608 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstvolume.dll
MOD - [2012/02/15 10:40:34 | 000,121,312 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\libgsttag-0.10-0.dll
MOD - [2012/02/15 10:40:34 | 000,027,608 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstrtpmux.dll
MOD - [2012/02/15 10:40:28 | 000,045,024 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\libgstriff-0.10-0.dll
MOD - [2012/02/15 10:40:24 | 000,024,536 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstlevel.dll
MOD - [2012/02/15 10:40:22 | 000,044,496 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\gstreamer-0.10\libgstdtmf.dll
MOD - [2012/02/15 10:40:08 | 000,080,336 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\json-glib.dll
MOD - [2012/02/15 10:40:06 | 000,803,792 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\clutter.dll
MOD - [2012/02/15 10:40:06 | 000,040,920 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\clutter-gst.dll
MOD - [2012/02/15 10:40:04 | 000,602,568 | ---- | M] () -- C:\Program Files (x86)\Cisco\JabberVideo\cairo.dll
MOD - [2012/02/08 11:44:04 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
MOD - [2011/05/28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Users\Ivet\Downloads\winRaR\RarExt.dll
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/05 02:58:05 | 000,486,400 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
MOD - [2010/11/05 02:57:39 | 000,069,120 | ---- | M] () -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/08 11:19:40 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/03/01 10:35:24 | 000,659,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/02/08 11:10:00 | 001,323,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2012/01/09 11:47:02 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/01/09 11:47:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/08/23 04:37:04 | 003,175,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/01 21:45:52 | 000,485,712 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011/03/17 23:06:50 | 000,132,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011/01/28 18:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2010/07/30 04:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/06/20 12:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012/01/13 18:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011/12/04 03:15:26 | 000,133,944 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011/08/23 04:23:48 | 002,774,320 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/05 20:13:46 | 001,094,712 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/04/04 23:46:48 | 000,030,776 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2011/03/16 19:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/03/10 20:07:52 | 000,320,512 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011/03/07 19:00:18 | 000,464,512 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011/03/04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2011/02/24 09:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/01/26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/01/20 06:55:18 | 001,125,728 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe -- (IFXSpMgtSrv)
SRV - [2011/01/20 06:43:00 | 000,203,104 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2011/01/20 05:49:00 | 000,980,320 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe -- (IFXTCS)
SRV - [2011/01/17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/01/17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 20:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/18 16:09:06 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/10/15 19:05:28 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/07/16 19:37:36 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012/05/14 17:12:25 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/05/14 17:12:11 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/04/13 09:05:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2012/03/15 19:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012/03/01 09:55:26 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/03/01 09:55:26 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/08 11:55:20 | 000,100,808 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpeOpal.sys -- (MfeEpeOpal)
DRV:64bit: - [2012/02/08 11:54:56 | 000,158,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2012/01/13 18:08:23 | 000,026,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012/01/13 18:07:30 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012/01/09 11:47:03 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/05 20:15:28 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/09/16 01:34:38 | 000,392,752 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/08/09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/22 01:57:04 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2011/03/03 18:48:38 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011/01/13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/21 19:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010/11/20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010/01/26 06:31:08 | 000,044,576 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\psd.sys -- (PersonalSecureDrive)
DRV:64bit: - [2009/10/16 11:33:48 | 000,095,232 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CiscoUsbConsoleWindowsDriver64.sys -- (CiscoSerial)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/03/13 06:51:00 | 000,068,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{501235D3-CF70-46FE-BDF0-10DDBA5C63E2}: "URL" = http://search.seznam.cz/?q={searchTerms ... chmodule_2
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=CMNTDF
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.3
FF - prefs.js..extensions.enabledAddons: {62d40876-df18-411f-9d34-a9dd7a197bc5}:10.13.40.15
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ivet\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Ivet\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Ivet\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ivet\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ivet\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/01/29 12:45:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011/04/29 14:54:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/01 14:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/01/29 12:45:39 | 000,000,000 | ---D | M]

[2011/12/04 02:26:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivet\AppData\Roaming\Mozilla\Extensions
[2012/11/21 21:43:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions
[2012/11/12 00:40:58 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/12/04 02:39:17 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/08/20 00:56:36 | 000,702,524 | ---- | M] () (No name found) -- C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012/11/21 19:39:53 | 000,001,070 | ---- | M] () -- C:\Users\Ivet\AppData\Roaming\Mozilla\Firefox\Profiles\xr9sxc6k.default\searchplugins\brothersoft-extreme3-customized-web-search.xml
[2012/05/14 18:43:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/14 18:43:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012/04/01 14:34:23 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/01 14:34:22 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/04/01 14:34:22 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/04/01 14:34:22 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/04/01 14:34:22 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/04/01 14:34:22 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ivet\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Ivet\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Ivet\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Ivet\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\windows\SysWOW64\npdeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Ivet\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Ivet\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Adblock Plus = C:\Users\Ivet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\

O1 HOSTS File: ([2011/12/22 13:04:16 | 000,000,856 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2935871942-279472356-996670657-1001..\Run: [Cisco JabberVideo] C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe (Cisco)
O4 - HKU\S-1-5-21-2935871942-279472356-996670657-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2935871942-279472356-996670657-1001..\Run: [Facebook Update] C:\Users\Ivet\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2935871942-279472356-996670657-1001..\Run: [googletalk] C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Ivet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Ivet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0815C316-5617-4FF7-9DF7-8FA0D5B56E6D}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[Marinne]

OTL.txt pokračovanie:

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/11/21 20:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/11/21 20:20:28 | 000,000,000 | ---D | C] -- C:\rsit
[2012/11/21 18:54:11 | 000,000,000 | ---D | C] -- C:\Users\Ivet\AppData\Local\CRE
[2012/11/20 20:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2012/11/20 20:22:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/20 20:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2012/11/17 03:13:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2012/11/17 03:13:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2012/11/17 03:07:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/11/17 03:07:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/11/17 03:07:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/11/17 03:07:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/11/17 03:07:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/11/17 03:07:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/11/17 03:07:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/11/17 03:07:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/11/17 03:07:06 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/11/17 03:07:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/11/17 03:07:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/11/17 03:07:05 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2012/11/17 03:07:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/11/17 03:07:03 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/11/17 03:07:03 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2012/11/17 03:03:35 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/11/17 03:03:34 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/11/17 03:03:34 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/11/17 03:03:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/11/16 19:39:28 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2012/11/16 19:39:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2012/11/16 19:39:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2012/11/16 19:39:22 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2012/11/16 19:39:22 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/11/16 19:39:22 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2012/11/16 19:39:22 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/11/16 19:39:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2012/11/16 19:39:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2012/11/16 19:39:01 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2012/11/16 19:39:01 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012/11/21 22:19:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/11/21 21:55:46 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/21 21:55:46 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/21 21:53:00 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/21 21:52:00 | 000,000,958 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/11/21 21:51:51 | 000,918,504 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/11/21 21:51:51 | 000,749,290 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/11/21 21:51:51 | 000,161,028 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/11/21 21:45:12 | 000,000,944 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/21 21:45:00 | 000,000,978 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/11/21 21:44:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/11/21 21:44:47 | 4200,972,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/21 19:14:33 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForIvet.job
[2012/11/21 18:54:50 | 000,000,009 | ---- | M] () -- C:\END
[2012/11/21 16:24:32 | 000,000,956 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/11/20 22:52:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/11/20 20:23:57 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/11/17 03:37:38 | 000,346,440 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/21 22:19:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/11/21 18:54:49 | 000,000,009 | ---- | C] () -- C:\END
[2012/11/20 20:23:57 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/11/17 03:13:48 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/17 03:03:33 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/05/14 17:12:43 | 000,217,536 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/05/14 17:12:37 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/05/14 17:12:37 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2011/08/23 10:10:44 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011/05/30 21:58:34 | 000,185,168 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2011/05/30 21:58:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2011/04/29 14:27:26 | 000,926,130 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/04/01 21:45:52 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011/04/01 21:45:50 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011/04/01 21:45:50 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011/03/29 18:21:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011/03/26 05:16:12 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011/03/26 05:16:10 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011/03/26 03:43:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2011/03/26 03:43:36 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2011/03/14 20:15:06 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\HPUsageTrackingSDK.exe.hpsign
[2011/03/11 16:52:54 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011/03/07 19:00:12 | 000,366,208 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011/02/25 23:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2011/02/21 18:37:16 | 000,038,224 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
[2011/02/20 11:58:33 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2011/02/20 11:58:33 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2011/01/11 05:03:08 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/01/19 16:05:08 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/10/18 00:27:05 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Cisco
[2011/12/05 20:16:47 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\DAEMON Tools Lite
[2011/12/04 00:49:16 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\DigitalPersona
[2012/11/21 21:47:56 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Dropbox
[2012/10/23 00:57:35 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\e-academy Inc
[2011/12/22 23:53:28 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\ESET
[2011/12/04 02:33:34 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\GHISLER
[2011/12/04 00:49:36 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Infineon
[2012/04/23 20:11:57 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\IrfanView
[2012/11/12 00:41:00 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\KeePass
[2012/11/06 20:20:58 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\MahJong Suite
[2011/12/22 13:20:28 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Miranda
[2012/05/08 23:06:07 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Notepad++
[2011/12/04 01:56:53 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Synaptics
[2011/12/04 03:13:07 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\webex
[2012/01/24 00:03:25 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\WindSolutions

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,610 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011/12/05 19:26:24 | 000,000,328 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForIvet.job
[2012/03/17 21:07:58 | 000,000,906 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/03/17 21:07:59 | 000,000,958 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/03/17 21:16:05 | 000,000,956 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/03/17 21:16:06 | 000,000,978 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/04/23 20:12:11 | 000,000,944 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/04/23 20:12:16 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/10/01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009/10/01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/10/29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/10/29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/10/29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/10/29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/10/29 04:06:46 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/10/29 04:03:01 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/10/29 04:06:46 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/10/29 04:03:01 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/09/01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009/09/01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\windows\SysNative\drivers\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010/10/29 04:09:15 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/10/29 04:09:15 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/09/29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/09/29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/10/29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/10/29 04:06:46 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[26 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/12/25 20:54:06 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Adobe
[2012/01/26 16:43:27 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Apple Computer
[2011/12/04 02:24:22 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\ArcSoft
[2012/01/19 16:05:08 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/10/18 00:27:05 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Cisco
[2011/12/05 20:16:47 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\DAEMON Tools Lite
[2011/12/04 00:49:16 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\DigitalPersona
[2012/11/21 21:47:56 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Dropbox
[2012/11/16 23:14:53 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\dvdcss
[2012/10/23 00:57:35 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\e-academy Inc
[2011/12/22 23:53:28 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\ESET
[2011/12/04 02:33:34 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\GHISLER
[2012/03/17 21:02:03 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Google
[2012/01/12 17:16:20 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Hewlett-Packard
[2012/07/16 19:39:43 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\hpqLog
[2011/12/04 01:56:30 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Identities
[2011/12/04 00:49:36 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Infineon
[2011/12/04 01:56:54 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Intel Corporation
[2012/04/23 20:11:57 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\IrfanView
[2012/11/12 00:41:00 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\KeePass
[2011/12/04 02:02:16 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Macromedia
[2012/11/06 20:20:58 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\MahJong Suite
[2012/10/30 23:32:17 | 000,000,000 | --SD | M] -- C:\Users\Ivet\AppData\Roaming\Microsoft
[2011/12/22 13:20:28 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Miranda
[2011/12/04 03:03:18 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Mozilla
[2012/05/08 23:06:07 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Notepad++
[2011/12/04 01:56:53 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\Synaptics
[2012/11/19 01:32:37 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\vlc
[2011/12/04 03:13:07 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\webex
[2012/01/24 00:03:25 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\WindSolutions
[2012/01/12 09:18:57 | 000,000,000 | ---D | M] -- C:\Users\Ivet\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012/06/07 03:02:30 | 027,502,520 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012/06/07 03:02:32 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ivet\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012/06/07 03:02:38 | 000,181,776 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ivet\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2007/01/01 22:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe
[2012/03/17 21:02:03 | 000,079,367 | ---- | M] () -- C:\Users\Ivet\AppData\Roaming\Google\Google Talk\uninstall.exe
[2011/12/23 00:21:06 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Ivet\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/10/23 00:57:35 | 000,009,662 | R--- | M] () -- C:\Users\Ivet\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_112D608FD02CD87FDC7735.exe
[2012/10/23 00:57:35 | 000,009,662 | R--- | M] () -- C:\Users\Ivet\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_853F67D554F05449430E7E.exe
[2012/10/23 00:57:35 | 000,009,662 | R--- | M] () -- C:\Users\Ivet\AppData\Roaming\Microsoft\Installer\{6CEF2BC6-8929-44EE-8360-175513E1A49A}\_D741DE45EC951A9C783889.exe
[2012/11/02 07:38:59 | 004,473,792 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2012/01/24 00:03:11 | 008,775,632 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
[2012/01/25 13:29:59 | 003,815,760 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.340_EN.exe
[2012/03/22 09:36:35 | 003,874,000 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.350_EN.exe
[2012/06/04 22:35:36 | 004,330,144 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.360_EN.exe
[2012/11/02 07:38:43 | 004,473,792 | ---- | M] (WindSolutions) -- C:\Users\Ivet\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.370_EN.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012/11/21 16:24:32 | 000,000,956 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/11/21 21:45:00 | 000,000,978 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/11/21 21:45:12 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/11/21 21:53:00 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/11/20 22:52:00 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
[2012/11/21 21:52:00 | 000,000,958 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
[2012/11/21 19:14:33 | 000,000,328 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForIvet.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012/11/19 18:29:53 | 000,000,052 | ---- | M] () -- C:\windows\system32\DOErrors.log
[2012/11/21 21:46:37 | 000,000,044 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/20 14:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011/11/10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"googletalk" = C:\Users\Ivet\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart -- [2007/01/01 22:22:02 | 003,739,648 | ---- | M] (Google)
"Google Update" = "C:\Users\Ivet\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/03/17 21:07:57 | 000,136,176 | ---- | M] (Google Inc.)
"Facebook Update" = "C:\Users\Ivet\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012/07/12 14:40:15 | 000,138,096 | ---- | M] (Facebook Inc.)
"Cisco JabberVideo" = "C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe" /logon -- [2012/02/15 10:40:04 | 005,981,144 | ---- | M] (Cisco)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/04/01 14:34:23 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=637F2BDC0E53704D121DDD27A1F62090 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) MD5=D8510C2D48496B6C336E816FD67AA0F7 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/11/21 22:19:12 | 000,000,512 | ---- | M] () MD5=D7D70F32413F7A17EDF6FBC21B130EAF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011/09/01 02:36:16 | 001,674,383 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2011/09/01 02:36:16 | 000,001,557 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2011/09/01 02:36:16 | 000,004,499 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2011/09/01 02:36:28 | 000,448,049 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.jpg
[2011/09/01 02:36:28 | 000,001,014 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
[2011/09/01 02:36:28 | 000,005,672 | ---- | M] () -- \ProgramData\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.thumbnail.jpg
[2011/09/01 02:36:16 | 001,674,383 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.jpg
[2011/09/01 02:36:16 | 000,001,557 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.metadata.xml
[2011/09/01 02:36:16 | 000,004,499 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\BG_Creamcrackled.thumbnail.jpg
[2011/09/01 02:36:28 | 000,448,049 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.jpg
[2011/09/01 02:36:28 | 000,001,014 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.metadata.xml
[2011/09/01 02:36:28 | 000,005,672 | ---- | M] () -- \Users\All Users\Adobe\Photoshop Elements\10.0\Photo Creations\backgrounds\Cracked Paint.thumbnail.jpg
[2012/09/09 12:31:06 | 365,942,784 | ---- | M] () -- \Users\Ivet\Downloads\serialy\Bones\s07\Bones-S07E06-The-Crack-In-The-Code-(CZ-titulky-vloženy!).avi

< *keygen* /s >

< *loader* /s >
[2012/03/03 17:41:28 | 734,783,488 | ---- | M] () -- \FILMY\Polcas rozpadu-2007..DVDRip.CZ.by.Salud.of.PowerUploaders.avi
[2011/09/01 02:22:16 | 003,291,800 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\PhotoDownloader.exe
[2011/12/23 00:19:14 | 000,000,025 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\PhotoDownloader.ini
[2011/09/01 02:12:26 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011/09/01 02:13:38 | 000,000,097 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\apd\shared_assets\locales\en_US\Photodownloader.ini
[2011/09/01 02:12:30 | 000,011,196 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\Assets\bitmaps\main_window\C_LoadError.PNG
[2011/09/01 02:40:04 | 000,111,768 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_BinaryLoader_4.3.4.dll
[2011/09/01 02:40:08 | 000,202,392 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader2_4.3.4.dll
[2011/09/01 02:40:10 | 000,150,680 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\MXF_SDK_MetaMetadata_XSDLoader_4.3.4.dll
[2011/09/01 02:13:04 | 000,002,713 | ---- | M] () -- \Program Files (x86)\Adobe\Elements 10 Organizer\Mozilla\components\uriloader.xpt
[2009/11/27 17:11:48 | 000,084,480 | ---- | M] () -- \Program Files (x86)\ArcSoft\Camera Suite\WebCam Companion 3\ASDownloader.exe
[2009/11/27 17:12:48 | 000,338,432 | ---- | M] () -- \Program Files (x86)\ArcSoft\Camera Suite\WebCam Companion 3\SnapFishUploader.dll
[2012/01/13 18:17:56 | 000,658,384 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2012/01/13 18:17:56 | 000,658,384 | ---- | M] () -- \Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2009/12/21 10:40:04 | 000,068,944 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2009/12/18 20:22:26 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2010/10/07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/01/25 11:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011/01/25 11:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2012/10/24 00:00:13 | 000,000,116 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Log\20121024_000915\Datastore\_Extension_Agent_SqlResourceLoaderPath.xml
[2012/10/25 09:53:59 | 000,000,116 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Log\20121025_104412\MSSQLSERVER\Datastore\_Extension_Agent_SqlResourceLoaderPath.xml
[2010/04/03 12:47:23 | 000,016,736 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2010/04/03 12:47:23 | 000,016,736 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll
[2011/07/18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2010/10/07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/02/08 12:00:42 | 000,356,864 | ---- | M] () -- \Program Files\Hewlett-Packard\Drive Encryption\EpeHpSsoLoader.dll
[2012/11/07 15:51:49 | 000,003,208 | ---- | M] () -- \Users\Ivet\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\skin\ajax-loader.gif
[2011/12/04 02:07:35 | 000,816,914 | ---- | M] () -- \Users\Ivet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0O7W0UI\loader[1].cab
[2012/02/16 01:11:23 | 000,006,671 | ---- | M] () -- \Users\Ivet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SCLGCH5\uploader[1].swf
[2012/02/11 00:22:05 | 000,003,208 | ---- | M] () -- \Users\Ivet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DMNTBMLC\ajax-loader[1].gif
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,387,408 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.6029\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/10/07 04:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109750000000100000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2008/04/21 20:19:04 | 000,061,952 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D71602027F220D4FB955ABC1C671177\10.50.1600\FL_coloader80_dll_128691_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2008/04/21 15:21:56 | 000,004,608 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\7D71602027F220D4FB955ABC1C671177\10.50.1600\FL_coloader80_tlb_128927_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
[2007/11/07 09:21:26 | 000,072,192 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\FAA9C0AB723160F34BC943B9B48E7F04\9.0.21022\FL_coloader80_dll_128691_128691_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2007/11/06 19:10:00 | 000,004,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\FAA9C0AB723160F34BC943B9B48E7F04\9.0.21022\FL_coloader80_tlb_128927_128927_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011/02/05 14:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011/02/05 14:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011/02/05 18:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011/02/05 14:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/12/23 01:52:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/12/23 01:52:12 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/12/23 01:52:12 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/12/23 01:52:12 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/12/23 01:52:12 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:561568A4

< End of report >

[Marinne]

Extras.txt:


OTL Extras logfile created on: 11/21/2012 10:16:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ivet\Downloads\skola2
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

3.91 Gb Total Physical Memory | 1.59 Gb Available Physical Memory | 40.75% Memory free
7.82 Gb Paging File | 4.54 Gb Available in Paging File | 58.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.86 Gb Total Space | 237.68 Gb Free Space | 53.19% Space Free | Partition Type: NTFS
Drive E: | 13.61 Gb Total Space | 2.01 Gb Free Space | 14.79% Space Free | Partition Type: NTFS
Drive F: | 4.98 Gb Total Space | 2.12 Gb Free Space | 42.63% Space Free | Partition Type: FAT32

Computer Name: HP-IVET | User Name: Ivet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{025A1FA9-518F-43FF-99B7-0A0BCF10E32D}" = rport=445 | protocol=6 | dir=out | app=system |
"{08B0B8EA-CB7B-4407-83DF-290C0E0E67CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17CC9B18-6DEB-45EF-83C4-9B6AC727D769}" = lport=139 | protocol=6 | dir=in | app=system |
"{19C0D46D-9FCD-4110-8232-A1899F08A6AE}" = rport=138 | protocol=17 | dir=out | app=system |
"{2375E2FA-2118-4AC1-98F8-3D479AF36318}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AC0447B-349A-4E0D-86B8-2F60993EC0BD}" = rport=137 | protocol=17 | dir=out | app=system |
"{353C2546-B356-4FB9-A4F2-A99CC7E8AB70}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C98B0ED-0C66-4851-81EB-5361A6340553}" = rport=10243 | protocol=6 | dir=out | app=system |
"{45495F6C-032B-4C56-B771-7C31B8FF4929}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46C552A1-4615-4B15-878A-FF018A2BE29F}" = rport=139 | protocol=6 | dir=out | app=system |
"{54D75288-1618-4FC3-BAD9-33095B05CA9A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55B6A888-79B0-4D06-9B5E-6A102E29A8C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{699EF07A-32AE-4740-9665-4C77108144F7}" = lport=138 | protocol=17 | dir=in | app=system |
"{76CBF655-8BF5-420E-9ECA-ADF472008B1B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{773C9B5B-0148-4A0B-B350-B58208EDEBBC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{79B57D65-8582-4B47-AE08-356F65BC815C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FF2FD35-499C-4B8B-A135-6A490450E19D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{947CC98E-70C1-4A63-A04C-08EDC2736EF9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C2830EE1-2DEB-41DC-BBC6-D23BF5A77741}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF351D17-71D3-4498-B4C4-862EAD1521FC}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{D2DF13D9-4EB0-4CA2-8FC8-DFA004AAE6BA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D94D5360-48DA-40A4-BF1D-4CF5DE2A4D2F}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6D722B1-2B04-468F-A9A4-804192D1279E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FCB737E9-98F0-4010-89F2-F46B0E5ABAC6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060F0452-D61A-4834-9440-277EB63C6A99}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{064615B7-243A-4C6B-B796-F3DC4682CD46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0EA0B697-EEA9-43A7-83EB-05EC86FF9AC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1676333D-B7FA-4F69-BA6E-331F1CFEDDE0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{27DB9DE5-4ABA-482F-AFF3-86439A7173E4}" = protocol=6 | dir=in | app=c:\users\ivet\appdata\roaming\dropbox\bin\dropbox.exe |
"{28C4CFA2-7717-4B59-A6F1-B4EFC6F85442}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{2B99DFED-32B0-4880-B5ED-2A59B5AF3630}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C919ADA-D6B8-4FBA-9051-2EE6CD3B4EAB}" = protocol=6 | dir=out | app=system |
"{2DE40D32-2294-4E0B-910B-680EDE4EF73E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C308F5C-E755-4A3F-B73A-8B388D82D420}" = protocol=17 | dir=in | app=c:\users\ivet\appdata\roaming\dropbox\bin\dropbox.exe |
"{4AC7D67D-17EF-48A4-B809-CFB96279B33B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{59312EA7-49F4-4226-B127-80A7C63B3977}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5EC5AA70-9FEF-49FE-A404-DCFD1DDDEB88}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{63988CC1-E29E-4982-B4D4-022FACF54B95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{675B69EB-50EF-4BDA-A713-5EC7DA6F8FC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6833C44B-4871-4891-990D-7C217C6E6AC4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{771FA317-85EB-4D02-8776-D87E90D395D7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94078DBF-6D5F-44C4-89DA-820CBC10309A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B7964AAB-5149-44D4-97A1-D4721CD03733}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C4CA637C-D25B-4F5B-93B0-A375171CB518}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5ADBDDC-4BCA-4488-AF07-2516B5E9ED60}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C6CE3AAC-8320-4159-A2B2-3476C5A84C8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB24AB52-2830-44C1-BADC-05EED22D7307}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4506951-7E8A-4854-8CCB-0378D7E9E2F3}" = dir=in | app=c:\program files (x86)\cisco\jabbervideo\jabbervideo.exe |
"{D99C42C1-41C2-4371-ABD5-732B617E7B4D}" = dir=in | app=c:\users\ivet\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{DBFCBE3D-0891-4B0F-8D8B-5826A25B141A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ED497E84-2072-4B85-A1E4-6FACC4E37409}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F4BB3DE1-3780-4FCF-9DDD-733BE62EC4DE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{4A852E6C-5089-4317-B38B-4FEBA511392C}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"UDP Query User{CB65A922-6C4A-499E-8CC8-A2DCE1282BF5}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{362A3FDF-B12E-436A-9097-1B795A9FFCC5}" = Microsoft SQL Server 2008 R2 Native Client
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}" = Microsoft SQL Server 2008 R2 Setup (English)
"{705EE775-5776-48FD-B704-C3C9CF535420}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87821717-5688-4AE6-887A-6B11571D0CD7}" = Embedded Security for HP ProtectTools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIO_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIO_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUS_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIO_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUS_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.VISIO_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIO_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUS_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.VISIO_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0409-1000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-0054-0409-1000-0000000FF1CE}_Office14.VISIO_{7DC2B20B-31B9-4C7C-B8DC-8492A9A3095E}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{9081486B-B26D-42DB-8D31-81C525A9526A}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUS_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUS_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AADADAD4-3086-43E8-9CB0-187265989761}" = LINGO 13.0/x64
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFA2D2A7-4FAC-4862-B7A3-960B329C2177}" = Validity Fingerprint Sensor Driver
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CD4F3229-4A37-463F-98A3-3DEEEEE8492C}" = HP Backlit Keyboard Controls
"{CF9ACC81-C8C3-4BD1-BD1F-FE13CF344E20}" = HP Power Assistant
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D856C86A-6D49-4A32-BBC2-54714EAF2CA0}" = HP ProtectTools Security Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}" = HP 3D DriveGuard
"{EEBFFF46-0882-4E8B-9C19-4BF144CBC267}" = ESET Smart Security
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIO" = Microsoft Visio Premium 2010
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{04D1DF8F-2D00-44F8-8094-5A8822354B89}" = SQL Server 2008 R2 Integration Services
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio
"{143203CB-9E09-4D9D-91F1-D000EC6E1F87}" = SQL Server 2008 R2 BI Development Studio
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{2BF7DF19-F716-4986-AD4A-3AF6ACFEEE14}" = SQL Server 2008 R2 BI Development Studio
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{4741C69E-1B4E-43DA-9598-7F94BA6B66E7}" = CiscoVirtualCom(x64)
"{4981497E-94BC-4766-A4F5-D8670C28D292}" = Cisco Jabber Video for TelePresence
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B21E4B2-89B8-499D-803A-34ABF929401E}" = HP Connection Manager
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{501A312A-05FE-431B-8E9D-52DC45B2DE92}" = SQL Server 2008 R2 Integration Services
"{51032BDF-67CD-4160-A662-26BAEFA346D6}" = SQL Server 2008 R2 Client Tools
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{5B2E4D40-16FA-40A0-B510-A50FA8F72D6A}" = ArcSoft Camera Suite
"{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}" = HP Documentation
"{6249567F-65C3-4EE7-B023-E4FA035B0520}" = SQL Server 2008 R2 Analysis Services
"{6357258D-2BF9-49E7-A9EF-0C609D52C46D}" = HP ESU for Microsoft Windows 7
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6CEF2BC6-8929-44EE-8360-175513E1A49A}" = Secure Download Manager
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6EBAF52D-9558-4D6D-B7E7-3DD213206285}" = HP Software Framework
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72CD20B8-55F3-4B4F-A44F-E381232E84ED}" = HP QuickWeb
"{74F7B314-0507-4F91-9A4E-B6C9B027E410}" = Microsoft SQL Server 2008 R2 Books Online
"{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English)
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{85BE320B-A37D-42DA-B9BE-20A40B6A05E3}" = Cisco AnyConnect Secure Mobility Client
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954079D6-28E0-417D-AC43-F728E3CB7CE5}" = HP System Default Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACDACC7-0095-40F1-8033-0DB95C920678}" = SQL Server 2008 R2 Client Tools
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}" = Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{DAA8590D-D93E-4697-9CBE-D96A7590A8E3}" = SQL Server 2008 R2 Analysis Services
"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
"{DED01768-E634-11E1-AEB0-984BE15F174E}" = Evernote v. 4.5.8
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FE465061-894A-4023-8580-56FCDD4F23F9}" = HP SoftPaq Download Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"ArcSoft Camera Suite" = ArcSoft Camera Suite
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.20.1
"MahJong Suite_is1" = MahJong Suite 2010 v7.1
"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Miranda IM" = Miranda IM 0.9.37
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"Notepad++" = Notepad++
"Scratch" = Scratch
"Totalcmd" = Total Commander (Remove or Repair)
"VIP Access SDK" = VIP Access SDK (1.0.0.55)
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"ActiveTouchMeetingClient" = WebEx
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/5/2012 7:30:33 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2638835

Error - 8/5/2012 7:30:33 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2638835

Error - 8/5/2012 7:30:34 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/5/2012 7:30:34 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2639849

Error - 8/5/2012 7:30:34 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2639849

Error - 8/5/2012 7:30:35 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/5/2012 7:30:35 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2640863

Error - 8/5/2012 7:30:35 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2640863

Error - 8/5/2012 7:30:36 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/5/2012 7:30:36 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2641862

Error - 8/5/2012 7:30:36 PM | Computer Name = hp-ivet | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2641862

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 11/21/2012 4:43:33 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp
Line:
1676 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: An existing
connection was forcibly closed by the remote host.

Error - 11/21/2012 4:43:33 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
(0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE

Error - 11/21/2012 4:45:01 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2626 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 11/21/2012 4:45:01 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2626 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 11/21/2012 4:45:01 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2626 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 11/21/2012 4:45:01 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2626 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 11/21/2012 4:45:01 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
2626 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED

Error - 11/21/2012 4:45:07 PM | Computer Name = hp-ivet | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 11/21/2012 4:45:38 PM | Computer Name = hp-ivet | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4612
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: No more data
is available.

Error - 11/21/2012 4:45:39 PM | Computer Name = hp-ivet | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1084 NULL object. Cannot establish a connection at this time.

[ Hewlett-Packard Events ]
Error - 7/25/2012 2:55:49 AM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 7/30/2012 12:02:30 PM | Computer Name = hp-ivet | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/50740e2b_6c6e_4e71_a468_930b55308890/cm6kwroqoyudbwrjyeuewzoo_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 4006 Ram Utilization: 30 TargetSite: Void UpdateDetail(System.String)

Error - 8/13/2012 2:10:09 PM | Computer Name = hp-ivet | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/197c11ea_a0fe_4e60_bbca_2393c3a1107c/b34xhvojif0uf5z9j2jstjrj_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 4006 Ram Utilization: 50 TargetSite: Void UpdateDetail(System.String)

Error - 9/2/2012 4:55:36 PM | Computer Name = hp-ivet | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/8c5163d1_2d12_4caf_863a_dc9d4c58337c/wmpuga7j2un3jjqfwuua+ipe_15.rem'
has been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 4006 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 9/3/2012 10:40:08 AM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 9/25/2012 10:50:44 AM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 10/1/2012 11:36:37 AM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 10/25/2012 4:55:03 AM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 11/5/2012 4:39:23 PM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 4000
Description =

Error - 11/21/2012 2:18:37 PM | Computer Name = hp-ivet | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetAppliedUpdates()

at HP.SupportFramework.Utilities.HPSAIssues.AnalysisRuntime.ValidateCompletedActions(String
guidRestarted) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetAppliedUpdates()

at HP.SupportFramework.Utilities.HPSAIssues.AnalysisRuntime.ValidateCompletedActions(String
guidRestarted) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
4006 Ram Utilization: 60 TargetSite: System.Collections.Generic.List`1[HP.SupportFramework.Utilities.HPSAIssues.ActionItem]
GetAppliedUpdates()

[ HP Connection Manager Events ]
Error - 6/3/2012 12:32:32 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:32.605|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:34 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:34.118|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:35 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:35.631|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:40 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:40.170|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:41 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:41.683|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:47 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:47.502|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:52 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:52.276|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:53 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:53.789|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:58 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:58.329|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 6/3/2012 12:32:59 PM | Computer Name = hp-ivet | Source = hpCMSrv | ID = 5
Description = 2012/06/03 18:32:59.842|00001A08|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Power Assistant Events ]
Error - 10/11/2012 4:31:41 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.

Error - 10/11/2012 4:31:41 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.

Error - 10/11/2012 4:31:42 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -

Error - 10/11/2012 9:20:46 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.

Error - 10/11/2012 9:20:46 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1027
Description = An error occured in HP Power Assistant application, module [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1,
Culture=neutral, PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The
system cannot find the file specified.

Error - 10/11/2012 9:20:46 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Exception has been thrown by the target of an invocation.ServiceWorkerMethod
ABORTED! -

Error - 10/11/2012 9:20:57 AM | Computer Name = hp-ivet | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Could not load file or assembly 'CaslShared, Version=3.5.1.1, Culture=neutral,
PublicKeyToken=9c6f83d5b7f3d097' or one of its dependencies. The system cannot
find the file specified.

Error - 10/17/2012 2:15:49 AM | Computer Name = hp-ivet | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 10/28/2012 8:38:49 PM | Computer Name = hp-ivet | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode

Error - 10/28/2012 8:39:48 PM | Computer Name = hp-ivet | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode

[ HP Software Framework Events ]
Error - 7/16/2012 2:37:20 PM | Computer Name = hp-ivet | Source = Casl | ID = 5
Description = 2012.07.16 20:37:20.792|0000180C|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0

Error - 7/16/2012 2:37:20 PM | Computer Name = hp-ivet | Source = Casl | ID = 5
Description = 2012.07.16 20:37:20.850|00001D10|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged

Error - 7/16/2012 2:37:20 PM | Computer Name = hp-ivet | Source = Casl | ID = 5
Description = 2012.07.16 20:37:20.901|0000180C|Error |[CaslWmi]A::A{bool(object,object)}|Error
invoking subscriber delegate. Exception: No handler registered for event, Wireless.GlobalChanged.2.0

Error - 7/16/2012 2:39:25 PM | Computer Name = hp-ivet | Source = Casl | ID = 5
Description = 2012.07.16 20:39:25.425|00002084|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 7/16/2012 2:39:25 PM | Computer Name = hp-ivet | Source = Casl | ID = 5
Description = 2012.07.16 20:39:25.453|00002084|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the QuickSynch.Bitlocker.Changed event. Exception: Object reference
not set to an instance of an object.

Error - 10/17/2012 2:15:49 AM | Computer Name = hp-ivet | Source = CaslSmBios | ID = 5
Description = 2012.10.17 08:15:49.483|00001514|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 10/18/2012 8:23:09 AM | Computer Name = hp-ivet | Source = CaslSmBios | ID = 5
Description = 2012.10.18 14:23:09.625|00001B44|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 10/18/2012 8:23:10 AM | Computer Name = hp-ivet | Source = CaslSmBios | ID = 5
Description = 2012.10.18 14:23:10.701|00001B44|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

Error - 11/21/2012 4:44:07 PM | Computer Name = hp-ivet | Source = CaslSmBios | ID = 5
Description = 2012.11.21 21:44:07.304|000004BC|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.

Error - 11/21/2012 4:44:08 PM | Computer Name = hp-ivet | Source = CaslSmBios | ID = 5
Description = 2012.11.21 21:44:08.318|000004BC|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.

[ System Events ]
Error - 9/13/2012 10:10:18 AM | Computer Name = hp-ivet | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = CBS Client initialization failed. Last error: 0x8007045b

Error - 9/13/2012 10:13:50 AM | Computer Name = hp-ivet | Source = Service Control Manager | ID = 7034
Description = The HP Power Assistant Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 9/13/2012 11:52:32 AM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/13/2012 12:21:45 PM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/13/2012 1:20:13 PM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/13/2012 4:11:49 PM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/14/2012 8:46:37 AM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/14/2012 1:18:01 PM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/14/2012 4:15:22 PM | Computer Name = hp-ivet | Source = Microsoft-Windows-TBS | ID = 16385
Description = An internal TBS error was detected. The error code was 0x800703e3.
This is usually caused by unexpected TPM or driver behavior and may be transient.

Error - 9/15/2012 1:40:33 AM | Computer Name = hp-ivet | Source = Service Control Manager | ID = 7034
Description = The HP Power Assistant Service service terminated unexpectedly. It
has done this 1 time(s).


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
  IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
  IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
  IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
  IE - HKLM\..\SearchScopes,DefaultScope =
  IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
  IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBoxIE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
  IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{501235D3-CF70-46FE-BDF0-10DDBA5C63E2}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
  IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
  IE - HKU\S-1-5-21-2935871942-279472356-996670657-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  [2012/11/20 20:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
  [4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [6 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [26 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
  [2012/11/21 16:24:32 | 000,000,956 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
  [2012/11/21 21:45:00 | 000,000,978 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
  [2012/11/21 21:45:12 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2012/11/21 21:53:00 | 000,000,948 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2012/11/20 22:52:00 | 000,000,906 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job
  [2012/11/21 21:52:00 | 000,000,958 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job
  [2012/11/21 19:14:33 | 000,000,328 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForIvet.job
  @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:561568A4
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "BCSSync"=-
  "AdobeAAMUpdater-1.0"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "googletalk"=-
  "Google Update"=-
  "Facebook Update"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "FlashPlayerUpdate"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  ""=-
  "Adobe ARM"=-
  "QuickTime Task"=-
  "iTunesHelper"=-
  "SunJavaUpdateSched"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Marinne]

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKU\S-1-5-21-2935871942-279472356-996670657-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{501235D3-CF70-46FE-BDF0-10DDBA5C63E2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{501235D3-CF70-46FE-BDF0-10DDBA5C63E2}\ not found.
Registry key HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_USERS\S-1-5-21-2935871942-279472356-996670657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1554.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2876.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE56F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1DBF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP28C4.tmp\Narrator.exe deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP28C4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC1F7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF9BB.tmp folder deleted successfully.
C:\windows\Temp\AEID1EE.tmp deleted successfully.
C:\windows\Temp\CR_EC0FE.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\windows\Temp\CR_EC0FE.tmp folder deleted successfully.
C:\windows\Temp\DMI5205.tmp deleted successfully.
C:\windows\Temp\DMI534D.tmp deleted successfully.
C:\windows\Temp\DMI5E45.tmp deleted successfully.
C:\windows\Temp\IMTE0A3.tmp deleted successfully.
C:\windows\Temp\IMTF014.tmp deleted successfully.
C:\windows\Temp\RGI1D37.tmp deleted successfully.
C:\windows\Temp\RGI1D37.tmp-tmp deleted successfully.
C:\windows\Temp\RGI315F.tmp deleted successfully.
C:\windows\Temp\RGI315F.tmp-tmp deleted successfully.
C:\windows\Temp\RGI4D86.tmp deleted successfully.
C:\windows\Temp\RGI4D86.tmp-tmp deleted successfully.
C:\windows\Temp\RGIA9D.tmp deleted successfully.
C:\windows\Temp\RGIA9D.tmp-tmp deleted successfully.
C:\windows\Temp\RGIB933.tmp deleted successfully.
C:\windows\Temp\RGIB933.tmp-tmp deleted successfully.
C:\windows\Temp\RGIC132.tmp deleted successfully.
C:\windows\Temp\RGIC132.tmp-tmp deleted successfully.
C:\windows\Temp\TS_7695.tmp deleted successfully.
C:\windows\Temp\UDD1C40.tmp deleted successfully.
C:\windows\Temp\~FSE84A.tmp deleted successfully.
C:\windows\Temp\~IXE847.tmp deleted successfully.
C:\windows\Temp\~IXE848.tmp deleted successfully.
C:\windows\Temp\~IXE849.tmp deleted successfully.
C:\windows\Temp\~IXF5D7.tmp deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935871942-279472356-996670657-1001UA.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForIvet.job moved successfully.
ADS C:\ProgramData\TEMP:561568A4 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\googletalk deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Ivet
->Temp folder emptied: 1266413881 bytes
->Temporary Internet Files folder emptied: 85149044 bytes
->Java cache emptied: 117146 bytes
->FireFox cache emptied: 391400872 bytes
->Google Chrome cache emptied: 345602930 bytes
->Flash cache emptied: 89912 bytes

User: Public

User: xhrni03
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 678121721 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 513712359 bytes

Total Files Cleaned = 3,129.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Ivet
->Flash cache emptied: 0 bytes

User: Public

User: xhrni03
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Ivet
->Java cache emptied: 0 bytes

User: Public

User: xhrni03

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11242012_202136

Files\Folders moved on Reboot...
File\Folder C:\Users\Ivet\AppData\Local\Temp\OICE_A0E7C54C-D918-483D-B3F0-A53F12066313.0\4D43179.xlsx not found!
C:\Users\Ivet\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\windows\temp\wbxtra_11212012_214501.wbt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Jak se chova PC

[Marinne]

Chová sa úplne normálne. Veľmi pekne ďakujem

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[Marinne]

Všetko prebehlo v poriadku, ani náznak pôvodných problémov. Ďakujem ešte raz a pekný zvyšok víkendu