Značně zpomaleny počítač

Zpráva

davys · #1 Příspěvek od **davys** » 02 led 2013 20:20

Zdravím Vás, prosím pěkně o kontrolu logu z RSIT - počítač se v posledních dvou dnech velmi zpomalil a chladí jak o život. Děkuji...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Milan at 2013-01-02 19:57:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 15 GB (20%) free of 72 GB
Total RAM: 3951 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:56, on 2.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Xerox Companion Suite\MFServices.exe
C:\Users\Milan\AppData\Local\Temp\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... w.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MFFSum_Pro_LL2] "C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe"
O4 - HKLM\..\Run: [MFPrintServer_Pro_LL2] "C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Session Launcher Service (FUSServices) - Unknown owner - C:\windows\SysWOW64\FUSServices.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13670 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 37705632
\??\C:\windows\system32\conhost.exe "1621622149-1945154556-564308083-1069235527-1599970796-12258209741102682142-1687514809
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\FUSServices.exe
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"LF2GRPOW.exe"
WLIDSvcM.exe 2664
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
taskeng.exe {7FCC46C4-4DD4-491C-B941-8004ADE888D0}
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
-n
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: Off</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_off.ico</IconPath><ID>381239695</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Users\Milan\AppData\Local\Temp\TeamViewer\Version5\TeamViewer.exe" --qsc --pw "UmFkaWFsa0A0OTgr"
"c:\users\milan\appdata\local\temp\teamviewer\version5\TeamViewer_Desktop.exe" --IPCport 6039
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe21_ Global\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForMilan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 2187528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 1471752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-09-12 445624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-12 11265536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-23 563736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-12-24 295072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
""= []
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-12-24 295072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"MFFSum_Pro_LL2"=C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe [2010-02-11 24576]
"MFPrintServer_Pro_LL2"=C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe [2010-02-11 73728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-02 19:57:32 ----D---- C:\Program Files\trend micro
2013-01-02 19:57:31 ----D---- C:\rsit
2012-12-26 16:54:39 ----D---- C:\ProgramData\Browser Manager
2012-12-26 14:57:42 ----A---- C:\windows\system32\msvcr100.dll
2012-12-26 14:33:51 ----D---- C:\ProgramData\boost_interprocess
2012-12-24 15:38:01 ----D---- C:\Users\Milan\AppData\Roaming\RealNetworks
2012-12-24 15:37:33 ----D---- C:\Program Files (x86)\RealNetworks
2012-12-24 15:37:30 ----D---- C:\ProgramData\RealNetworks
2012-12-22 01:13:30 ----A---- C:\windows\SYSWOW64\atmlib.dll
2012-12-22 01:13:30 ----A---- C:\windows\system32\atmlib.dll
2012-12-22 01:13:29 ----A---- C:\windows\system32\atmfd.dll
2012-12-22 01:13:28 ----A---- C:\windows\SYSWOW64\atmfd.dll
2012-12-13 00:40:30 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-12-13 00:40:30 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-12-13 00:40:30 ----A---- C:\windows\system32\mshtmled.dll
2012-12-13 00:40:29 ----A---- C:\windows\SYSWOW64\url.dll
2012-12-13 00:40:29 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-12-13 00:40:29 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-12-13 00:40:29 ----A---- C:\windows\system32\url.dll
2012-12-13 00:40:29 ----A---- C:\windows\system32\ieUnatt.exe
2012-12-13 00:40:29 ----A---- C:\windows\system32\ieui.dll
2012-12-13 00:40:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-12-13 00:40:28 ----A---- C:\windows\system32\urlmon.dll
2012-12-13 00:40:28 ----A---- C:\windows\system32\msfeeds.dll
2012-12-13 00:40:28 ----A---- C:\windows\system32\jscript9.dll
2012-12-13 00:40:27 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-12-13 00:40:27 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-12-13 00:40:27 ----A---- C:\windows\system32\wininet.dll
2012-12-13 00:40:27 ----A---- C:\windows\system32\jsproxy.dll
2012-12-13 00:40:26 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-12-13 00:40:26 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-12-13 00:40:25 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-12-13 00:40:25 ----A---- C:\windows\system32\vbscript.dll
2012-12-13 00:40:25 ----A---- C:\windows\system32\jscript.dll
2012-12-13 00:40:25 ----A---- C:\windows\system32\iertutil.dll
2012-12-13 00:40:24 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-12-13 00:40:20 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-12-13 00:40:19 ----A---- C:\windows\system32\mshtml.dll
2012-12-13 00:40:18 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-12-13 00:40:18 ----A---- C:\windows\system32\ieframe.dll
2012-12-13 00:00:14 ----A---- C:\windows\SYSWOW64\tzres.dll
2012-12-13 00:00:14 ----A---- C:\windows\system32\tzres.dll
2012-12-13 00:00:11 ----A---- C:\windows\system32\win32k.sys
2012-12-13 00:00:05 ----A---- C:\windows\SYSWOW64\kernel32.dll
2012-12-13 00:00:05 ----A---- C:\windows\system32\winsrv.dll
2012-12-13 00:00:05 ----A---- C:\windows\system32\KernelBase.dll
2012-12-13 00:00:05 ----A---- C:\windows\system32\kernel32.dll
2012-12-13 00:00:05 ----A---- C:\windows\system32\conhost.exe
2012-12-13 00:00:04 ----A---- C:\windows\SYSWOW64\setup16.exe
2012-12-13 00:00:04 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2012-12-13 00:00:04 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2012-12-13 00:00:04 ----A---- C:\windows\system32\wow64win.dll
2012-12-13 00:00:04 ----A---- C:\windows\system32\wow64cpu.dll
2012-12-13 00:00:04 ----A---- C:\windows\system32\wow64.dll
2012-12-13 00:00:04 ----A---- C:\windows\system32\ntvdm64.dll
2012-12-13 00:00:03 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 00:00:03 ----A---- C:\windows\SYSWOW64\wow32.dll
2012-12-13 00:00:03 ----A---- C:\windows\SYSWOW64\instnm.exe
2012-12-13 00:00:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-12-13 00:00:02 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-12-13 00:00:01 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-12-13 00:00:00 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 23:59:59 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 23:59:57 ----A---- C:\windows\SYSWOW64\user.exe
2012-12-12 23:59:51 ----A---- C:\windows\SYSWOW64\dpnet.dll
2012-12-12 23:59:51 ----A---- C:\windows\system32\dpnet.dll

======List of files/folders modified in the last 1 month======

2013-01-02 19:57:52 ----D---- C:\windows\Temp
2013-01-02 19:57:51 ----D---- C:\windows\Prefetch
2013-01-02 19:57:32 ----RD---- C:\Program Files
2013-01-02 17:06:12 ----D---- C:\windows\system32\config
2013-01-02 14:34:21 ----D---- C:\windows\System32
2013-01-02 14:34:21 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-01-02 14:34:20 ----D---- C:\windows\inf
2013-01-02 10:42:40 ----SHD---- C:\System Volume Information
2013-01-02 09:50:53 ----D---- C:\windows\system32\Tasks
2013-01-02 09:47:59 ----D---- C:\ProgramData\HPQLOG
2013-01-02 09:47:21 ----A---- C:\windows\SYSWOW64\log.txt
2013-01-02 08:41:48 ----SHD---- C:\windows\Installer
2012-12-30 10:26:20 ----D---- C:\ProgramData\PDFC
2012-12-27 16:17:15 ----D---- C:\windows\SysWOW64
2012-12-26 23:27:15 ----RD---- C:\Program Files (x86)
2012-12-26 23:26:23 ----D---- C:\Program Files (x86)\Google
2012-12-26 23:25:23 ----D---- C:\windows\system32\catroot
2012-12-26 23:18:47 ----SD---- C:\Users\Milan\AppData\Roaming\Microsoft
2012-12-26 23:18:46 ----D---- C:\ProgramData\Microsoft Help
2012-12-26 22:10:00 ----D---- C:\windows\system32\drivers
2012-12-26 22:09:46 ----D---- C:\windows\system32\DriverStore
2012-12-26 22:03:25 ----HD---- C:\ProgramData
2012-12-26 22:01:40 ----DC---- C:\windows\system32\DRVSTORE
2012-12-26 21:50:15 ----D---- C:\windows\winsxs
2012-12-26 21:40:32 ----D---- C:\Program Files (x86)\Nokia
2012-12-26 21:40:28 ----D---- C:\windows\system32\catroot2
2012-12-26 21:39:02 ----D---- C:\Program Files (x86)\Common Files
2012-12-26 21:38:20 ----D---- C:\Users\Milan\AppData\Roaming\Nokia
2012-12-26 21:35:58 ----D---- C:\ProgramData\Google
2012-12-26 14:03:34 ----D---- C:\windows\system32\NDF
2012-12-26 13:55:23 ----D---- C:\Program Files (x86)\WinRAR
2012-12-24 15:37:19 ----D---- C:\ProgramData\Real
2012-12-24 15:37:11 ----A---- C:\windows\SYSWOW64\rmoc3260.dll
2012-12-24 15:37:02 ----A---- C:\windows\SYSWOW64\pndx5032.dll
2012-12-24 15:37:02 ----A---- C:\windows\SYSWOW64\pndx5016.dll
2012-12-24 15:37:02 ----A---- C:\windows\SYSWOW64\pncrt.dll
2012-12-24 15:36:53 ----D---- C:\Program Files\Google
2012-12-24 15:36:04 ----D---- C:\windows\Tasks
2012-12-13 22:24:54 ----D---- C:\windows\rescache
2012-12-13 10:21:14 ----D---- C:\windows\SYSWOW64\cs-CZ
2012-12-13 10:21:14 ----D---- C:\windows\system32\cs-CZ
2012-12-13 10:21:11 ----D---- C:\windows\SYSWOW64\migration
2012-12-13 10:21:11 ----D---- C:\windows\AppPatch
2012-12-13 10:21:11 ----D---- C:\Program Files (x86)\Internet Explorer
2012-12-13 10:21:09 ----D---- C:\windows\system32\migration
2012-12-13 10:21:09 ----D---- C:\Program Files\Internet Explorer
2012-12-13 00:42:19 ----A---- C:\windows\system32\MRT.exe
2012-12-11 09:43:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2012-08-30 228768]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-12-16 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-12-16 15688]
R0 SmartDefragDriver;SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-12-16 58184]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-02-15 3063360]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-06-10 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 massfilter;Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 462088]
R2 FUSServices;Session Launcher Service; C:\windows\SysWOW64\FUSServices.exe [2010-02-11 10752]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-19 36864]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-20 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-20 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-07 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

davys · #2 Příspěvek od **davys** » 02 led 2013 20:52

Ještě jestli bude třeba log z AdwCleaneru...

# AdwCleaner v2.104 - Logfile created 01/02/2013 at 20:49:07
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Milan - MILAN-NBK
# Boot Mode : Normal
# Running from : C:\Users\Milan\Downloads\adwcleaner (1).exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Program Files (x86)\YouTube Downloader Toolbar
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\Milan\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Folder Found : C:\Users\Milan\AppData\Local\Temp\boost_interprocess
Folder Found : C:\Users\Milan\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\iLividSRTB
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKU\S-1-5-21-2197893980-887659782-124407315-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.11] : homepage = "hxxp://www.searchnu.com/406",
Found [l.15] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]
Found [l.51] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=418&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2034661403284241&q={searchTerms}",
Found [l.1525] : homepage = "hxxp://www.searchnu.com/406",
Found [l.1751] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]

*************************

AdwCleaner[R1].txt - [3535 octets] - [02/01/2013 20:49:07]

########## EOF - C:\AdwCleaner[R1].txt - [3595 octets] ##########

#3 Příspěvek od **vyosek** » 02 led 2013 21:04

Zdravim

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

davys · #4 Příspěvek od **davys** » 02 led 2013 21:39

Tak tady je...

# AdwCleaner v2.104 - Logfile created 01/02/2013 at 20:49:07
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Milan - MILAN-NBK
# Boot Mode : Normal
# Running from : C:\Users\Milan\Downloads\adwcleaner (1).exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Program Files (x86)\YouTube Downloader Toolbar
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\Milan\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Folder Found : C:\Users\Milan\AppData\Local\Temp\boost_interprocess
Folder Found : C:\Users\Milan\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\Software\iLividSRTB
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKU\S-1-5-21-2197893980-887659782-124407315-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.11] : homepage = "hxxp://www.searchnu.com/406",
Found [l.15] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]
Found [l.51] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=418&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=2034661403284241&q={searchTerms}",
Found [l.1525] : homepage = "hxxp://www.searchnu.com/406",
Found [l.1751] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]

*************************

AdwCleaner[R1].txt - [3535 octets] - [02/01/2013 20:49:07]

########## EOF - C:\AdwCleaner[R1].txt - [3595 octets] ##########

#5 Příspěvek od **vyosek** » 02 led 2013 21:41

Chce to lepe cist, ja psal at tady ted Delete, kdyz jste Search udelal uz predtim...

Ted jste udelal znovu Search, takze prosim znovu, ale tentokrate uz opravdu s Delete

davys · #6 Příspěvek od **davys** » 02 led 2013 22:11

Omlouvám se - je to PC šváry, řešíme to přes teamviewer a on mi vše pro něj neznámé vystornoval

Takže znovu a lépe...

# AdwCleaner v2.104 - Logfile created 01/02/2013 at 21:56:46
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Milan - MILAN-NBK
# Boot Mode : Normal
# Running from : C:\Users\Milan\Downloads\adwcleaner (1).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\YouTube Downloader Toolbar
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Milan\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Folder Deleted : C:\Users\Milan\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Milan\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.11] : homepage = "hxxp://www.searchnu.com/406",
Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]
Deleted [l.51] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=418&systemid=406&apn_dtid[...]
Deleted [l.1525] : homepage = "hxxp://www.searchnu.com/406",
Deleted [l.1751] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406", "hxxp://www.google.com" ]

*************************

AdwCleaner[S1].txt - [3387 octets] - [02/01/2013 21:56:46]

########## EOF - C:\AdwCleaner[S1].txt - [3447 octets] ##########

#7 Příspěvek od **vyosek** » 02 led 2013 22:31

A nebude lepsi kdyz se sem svara podiva a bude to delat sam

Odinstalujte Smart Defrag 2 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Odinstalujte McAfee Security Scan

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

davys · #8 Příspěvek od **davys** » 02 led 2013 22:36

No ono je to s ním na dlouhý lokte

- jak tak na to koukám, dovolím si posunout řešení na zítra - vezmu si jeho noťas k sobě, zatím díky, zítra vložím požadované logy.

#9 Příspěvek od **vyosek** » 02 led 2013 22:38

OK, zitra tu budu prubezne nakukovat cely den

davys · #10 Příspěvek od **davys** » 02 led 2013 22:45

Super, zatím díky moc - zítra jsem pracovně na cestách, takže se sem nedostanu určitě dřív než v podvečer.
Ještě jednou díky za ochotu...

#11 Příspěvek od **vyosek** » 02 led 2013 22:51

Prozatim nemate zac

davys · #12 Příspěvek od **davys** » 04 led 2013 16:11

Zdravíčko - včera jsem se dostal z práce až v noci, takže pokračuji až nyní ...tady je první část OTL.txt

OTL logfile created on: 4.1.2013 15:43:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 48,25% Memory free
7,72 Gb Paging File | 5,34 Gb Available in Paging File | 69,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 14,97 Gb Free Space | 21,35% Space Free | Partition Type: NTFS
Drive D: | 378,36 Gb Total Space | 362,25 Gb Free Space | 95,74% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,48 Gb Free Space | 74,57% Space Free | Partition Type: FAT32

Computer Name: MILAN-NBK | User Name: Milan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.04 15:40:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Milan\Desktop\OTL.exe
PRC - [2012.12.24 15:36:58 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012.12.20 18:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.12.20 18:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.12.18 01:10:18 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
PRC - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012.09.12 11:17:12 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.06.09 08:55:16 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010.02.11 04:23:14 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe
PRC - [2010.02.11 04:19:36 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe
PRC - [2010.02.11 04:16:38 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServices.exe
PRC - [2010.02.11 04:05:50 | 000,010,752 | ---- | M] () -- C:\Windows\SysWOW64\FUSServices.exe
PRC - [2009.12.16 02:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009.12.16 02:08:40 | 000,704,512 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
PRC - [2009.12.12 02:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\system\uArcCapture.exe
PRC - [2009.11.25 03:57:20 | 000,627,976 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2009.11.19 00:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009.11.04 22:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.11.04 22:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.10.23 20:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

========== Modules (No Company Name) ==========

MOD - [2013.01.04 00:22:15 | 000,221,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2013.01.04 00:22:05 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\59d00fa60a9e559f8717404a5032e6ba\System.Runtime.Remoting.ni.dll
MOD - [2013.01.04 00:21:40 | 001,812,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2013.01.03 23:37:22 | 018,022,400 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2013.01.03 23:37:09 | 011,522,560 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2013.01.03 23:37:00 | 007,070,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2013.01.03 23:36:57 | 003,882,496 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2013.01.03 23:36:56 | 005,617,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2013.01.03 23:36:52 | 000,982,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2013.01.03 23:36:51 | 009,095,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2013.01.03 23:36:46 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012.11.18 18:02:20 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll
MOD - [2012.11.18 17:59:31 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.18 17:59:10 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.18 17:59:05 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.18 17:58:54 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.18 17:58:49 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.18 17:58:45 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.18 17:58:44 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.18 17:58:40 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.11.07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012.09.03 23:18:42 | 000,600,868 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
MOD - [2012.07.26 11:51:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2012.04.30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012.04.04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012.03.16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012.02.13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2011.01.05 15:01:12 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
MOD - [2010.12.07 07:45:41 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.02.11 22:47:04 | 000,636,176 | ---- | M] () -- C:\Windows\SysWOW64\SUPSDK.dll
MOD - [2010.02.11 04:23:14 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe
MOD - [2010.02.11 04:23:04 | 000,794,624 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\Utility32.dll
MOD - [2010.02.11 04:22:12 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\SuString.dll
MOD - [2010.02.11 04:22:10 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\Advanced.dll
MOD - [2010.02.11 04:19:36 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe
MOD - [2010.02.11 04:16:58 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\SMSU.dll
MOD - [2010.02.11 04:16:38 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServices.exe
MOD - [2010.02.11 04:15:56 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceFOLDERu.dll
MOD - [2010.02.11 04:15:48 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\FAXU.dll
MOD - [2010.02.11 04:12:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceTR29U.dll
MOD - [2010.02.11 04:12:34 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\PrintFaxU.dll
MOD - [2010.02.11 04:12:30 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\Pdg32U.dll
MOD - [2010.02.11 04:12:26 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\DigitalizerU.dll
MOD - [2010.02.11 04:12:20 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\TiffU.dll
MOD - [2010.02.11 04:11:54 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceTSU.dll
MOD - [2010.02.11 04:11:52 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceMONU.dll
MOD - [2010.02.11 04:11:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceHTTPU.dll
MOD - [2010.02.11 04:11:42 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFServiceAPIU.dll
MOD - [2010.02.11 04:11:26 | 000,503,808 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\PlugInU.dll
MOD - [2010.02.11 04:10:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\DeviceU.dll
MOD - [2010.02.11 04:10:50 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\HAL\XMLDIUSBU.dll
MOD - [2010.02.11 04:10:42 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\HAL\XMLDILANU.dll
MOD - [2010.02.11 04:10:36 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\HTTPClientU.dll
MOD - [2010.02.11 04:10:32 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\SMTPServerU.dll
MOD - [2010.02.11 04:10:28 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\SMTPClientU.dll
MOD - [2010.02.11 04:10:26 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\MFMimeParserU.dll
MOD - [2010.02.11 04:10:12 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\AddressBookU.dll
MOD - [2010.02.11 04:09:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\ComponentsU.dll
MOD - [2010.02.11 04:09:28 | 000,417,792 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\ControlsU.dll
MOD - [2010.02.11 04:08:58 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\RouterU.dll
MOD - [2010.02.11 04:08:48 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\GraphicsU.dll
MOD - [2010.02.11 04:08:42 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\ProtocolU.dll
MOD - [2010.02.11 04:08:10 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\Utility32U.dll
MOD - [2010.02.11 04:07:12 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\SuStringU.dll
MOD - [2010.02.11 04:07:10 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\AdvancedU.dll
MOD - [2010.02.10 22:13:00 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Xerox Companion Suite\QTrace.dll
MOD - [2010.01.11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
MOD - [2009.11.17 23:39:36 | 000,329,272 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.08.05 00:22:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.06.19 01:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2010.06.09 08:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.05.10 08:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2010.04.05 20:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.03.17 13:48:42 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.12.16 02:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV:64bit: - [2009.12.16 02:08:40 | 000,704,512 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe -- (DEBridge)
SRV:64bit: - [2009.12.14 20:15:58 | 002,019,120 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.11.25 03:57:20 | 000,462,088 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.08 22:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe -- (AESTFilters)
SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.06.21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.17 13:48:42 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe -- (STacSV)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2010.02.11 04:05:50 | 000,010,752 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\FUSServices.exe -- (FUSServices)
SRV - [2010.01.26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.12.14 19:47:46 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009.12.12 02:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009.12.04 13:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\system\uArcCapture.exe -- (uArcCapture)
SRV - [2009.11.19 00:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009.11.17 23:39:16 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2009.11.04 22:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.11.04 22:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.10.23 20:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe -- (AESTFilters)
SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.15 02:25:25 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.11.26 18:02:20 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.05 00:52:36 | 006,859,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 23:47:20 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.10 02:24:24 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.10 02:23:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.10 02:23:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.10 02:23:32 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.10 02:23:32 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.04 04:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.05.21 03:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010.05.06 01:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.17 13:48:42 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.02.16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.02.10 12:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.29 23:04:32 | 000,055,808 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XMLDIUSB.sys -- (XMLDIUSB)
DRV:64bit: - [2010.01.12 23:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.12.16 02:12:22 | 000,015,688 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\SbFsLock.sys -- (SbFsLock)
DRV:64bit: - [2009.12.16 02:12:20 | 000,058,184 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\RsvLock.sys -- (RsvLock)
DRV:64bit: - [2009.12.16 02:12:18 | 000,056,648 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SafeBoot.sys -- (SafeBoot)
DRV:64bit: - [2009.12.04 11:48:18 | 000,032,640 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2009.11.11 10:11:00 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.10.21 22:37:52 | 000,040,760 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.07.08 22:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009.07.08 22:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 20:32:52 | 000,060,160 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\SbAlg.sys -- (SbAlg)
DRV:64bit: - [2009.03.25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009.03.25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic)
DRV:64bit: - [2009.03.25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV:64bit: - [2009.03.25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009.03.25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus)
DRV:64bit: - [2009.03.25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5)
DRV:64bit: - [2009.03.25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009.12.16 02:12:28 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009.12.16 02:12:16 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\SysWow64\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009.12.16 02:12:14 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\SysWow64\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009.12.16 02:12:10 | 000,110,520 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysWow64\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{AD60C704-063D-4B46-B90A-9ED773C300F3}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{AD60C704-063D-4B46-B90A-9ED773C300F3}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\..\SearchScopes,DefaultScope = {0F6A7B9B-7D81-4761-8E0C-2C11503844FA}
IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\..\SearchScopes\{0F6A7B9B-7D81-4761-8E0C-2C11503844FA}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.cz/search?q={searchTe ... 1I7ADFA_cs
IE - HKU\S-1-5-21-2197893980-887659782-124407315-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010.12.07 07:33:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.24 15:37:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012.12.24 15:37:34 | 000,000,000 | ---D | M]

[2011.07.17 11:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Milan\AppData\Roaming\Mozilla\Extensions
[2011.07.17 11:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Milan\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealDownloader = C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Gmail = C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2197893980-887659782-124407315-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MFFSum_Pro_LL2] C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe ()
O4 - HKLM..\Run: [MFPrintServer_Pro_LL2] C:\Program Files (x86)\Xerox Companion Suite\MFPrintServer.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2197893980-887659782-124407315-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2197893980-887659782-124407315-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2197893980-887659782-124407315-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2197893980-887659782-124407315-1001..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2197893980-887659782-124407315-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A5746C1-00C0-4F5D-8909-AAA307AA373A}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B8A8946-6526-46AA-92F5-48C52759870E}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Limited)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{243c3945-4c20-11e1-b511-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{243c3945-4c20-11e1-b511-e02a82d43232}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{243c39e6-4c20-11e1-b511-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{243c39e6-4c20-11e1-b511-e02a82d43232}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{7b0e8d97-577b-11e0-92ae-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0e8d97-577b-11e0-92ae-e02a82d43232}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{8a170e14-b468-11e0-bf73-e02a82add887}\Shell - "" = AutoRun
O33 - MountPoints2\{8a170e14-b468-11e0-bf73-e02a82add887}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{8a170e3d-b468-11e0-bf73-e02a82add887}\Shell - "" = AutoRun
O33 - MountPoints2\{8a170e3d-b468-11e0-bf73-e02a82add887}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{8d212ea7-b05d-11e0-94d6-e02a82add887}\Shell - "" = AutoRun
O33 - MountPoints2\{8d212ea7-b05d-11e0-94d6-e02a82add887}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{8d212eb5-b05d-11e0-94d6-e02a82add887}\Shell - "" = AutoRun
O33 - MountPoints2\{8d212eb5-b05d-11e0-94d6-e02a82add887}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{9389fe96-aedb-11e0-8aaf-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{9389fe96-aedb-11e0-8aaf-e02a82d43232}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\{afa4e775-cdff-11e1-89cf-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{afa4e775-cdff-11e1-89cf-e02a82d43232}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{ff2e3316-4cee-11e0-8e7f-e02a82d43232}\Shell - "" = AutoRun
O33 - MountPoints2\{ff2e3316-4cee-11e0-8e7f-e02a82d43232}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.04 15:40:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Milan\Desktop\OTL.exe
[2013.01.04 00:12:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.01.03 23:49:31 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys
[2013.01.03 23:49:31 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys
[2013.01.03 23:44:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.01.03 23:44:20 | 000,000,000 | ---D | C] -- C:\Users\Milan\AppData\Local\Samsung
[2013.01.03 23:44:19 | 000,000,000 | ---D | C] -- C:\Users\Milan\AppData\Roaming\Samsung
[2013.01.03 23:44:17 | 000,000,000 | ---D | C] -- C:\Users\Milan\Documents\samsung
[2013.01.03 23:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.01.03 23:42:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.01.03 23:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.01.03 23:40:39 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\windows\SysWow64\Redemption.dll
[2013.01.03 23:40:29 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\windows\SysWow64\dgderapi.dll
[2013.01.03 23:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.01.03 23:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.01.03 23:34:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.01.03 23:08:10 | 000,000,000 | ---D | C] -- C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
[2013.01.02 19:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.02 19:57:31 | 000,000,000 | ---D | C] -- C:\rsit

========== Files - Modified Within 7 Days ==========

[2013.01.04 15:46:25 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.04 15:46:25 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.04 15:45:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.04 15:40:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Milan\Desktop\OTL.exe
[2013.01.04 15:37:01 | 001,586,070 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.04 15:37:01 | 000,669,926 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013.01.04 15:37:01 | 000,655,280 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.04 15:37:01 | 000,141,526 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013.01.04 15:37:01 | 000,122,152 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.04 15:32:56 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.04 15:31:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.04 15:31:55 | 4143,374,336 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.04 13:32:18 | 000,000,950 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.04 00:37:57 | 000,000,484 | ---- | M] () -- C:\Users\Milan\Desktop\MojeBanka Business.website
[2013.01.03 23:44:16 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.01.03 23:44:16 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.01.03 23:38:25 | 001,565,292 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.01.03 23:14:38 | 000,025,664 | ---- | M] () -- C:\Users\Milan\Desktop\C510#9.dbk
[2013.01.03 22:17:08 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013.01.03 22:17:08 | 000,000,088 | RHS- | M] () -- C:\ProgramData\173B370B4A.sys
[2013.01.03 20:33:08 | 000,016,982 | ---- | M] () -- C:\Users\Milan\Desktop\výdaje za byt Sy.ods
[2013.01.03 16:47:16 | 000,000,652 | ---- | M] () -- C:\Users\Milan\Desktop\Zprávy - Aktuálně.cz.website
[2013.01.02 19:57:00 | 000,935,175 | ---- | M] () -- C:\Users\Milan\Desktop\RSITx64.exe
[2013.01.02 19:51:14 | 000,007,604 | ---- | M] () -- C:\Users\Milan\AppData\Local\resmon.resmoncfg
[2012.12.31 11:51:38 | 000,000,980 | ---- | M] () -- C:\Users\Milan\Desktop\mapa.website

========== Files Created - No Company Name ==========

[2013.01.04 15:45:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.03 23:44:16 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.01.03 23:44:16 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.01.03 23:19:06 | 000,025,664 | ---- | C] () -- C:\Users\Milan\Desktop\C510#9.dbk
[2013.01.03 21:37:58 | 000,016,982 | ---- | C] () -- C:\Users\Milan\Desktop\výdaje za byt Sy.ods
[2013.01.02 19:55:30 | 000,935,175 | ---- | C] () -- C:\Users\Milan\Desktop\RSITx64.exe
[2012.12.18 10:06:10 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2012.12.18 10:06:06 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012.12.17 17:16:15 | 000,007,604 | ---- | C] () -- C:\Users\Milan\AppData\Local\resmon.resmoncfg
[2012.08.17 10:27:20 | 000,007,168 | ---- | C] () -- C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.22 23:31:02 | 000,000,001 | R--- | C] () -- C:\Users\Milan\serverport
[2011.10.31 21:51:28 | 000,000,088 | RHS- | C] () -- C:\ProgramData\173B370B4A.sys
[2011.10.31 21:51:23 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.06.08 19:33:31 | 000,237,568 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2011.05.17 20:54:10 | 000,001,854 | ---- | C] () -- C:\Users\Milan\AppData\Roaming\GhostObjGAFix.xml
[2011.03.28 21:08:18 | 000,000,056 | -H-- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2011.02.28 02:04:52 | 000,000,108 | ---- | C] () -- C:\windows\wincmd.ini
[2011.02.27 23:30:09 | 001,565,292 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.02.15 02:21:42 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.02.27 23:05:50 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\DigitalPersona
[2011.03.07 02:24:51 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\GHISLER
[2011.03.07 23:12:49 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\IObit
[2012.12.26 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Nokia
[2012.08.17 10:41:56 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\PC Suite
[2011.07.17 11:30:27 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Philips-Songbird
[2013.01.03 23:44:19 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Samsung
[2011.03.26 09:08:44 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Sony
[2011.03.26 08:57:56 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Sony Setup
[2011.06.30 11:48:18 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\TeamViewer

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,522 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2011.03.20 23:13:22 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.03.20 23:13:23 | 000,000,950 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011.05.31 21:37:28 | 000,000,332 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForMilan.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.10.01 08:17:00 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=2632B7125E0730E019532CFCFFFFBFC0 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_e28cf2983c0715a1\autochk.exe
[2009.10.01 08:42:15 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=3AE12EC776AB9830462E8197FB5C88CF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.20538_none_3eab8e1bf46486d7\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.12.07 07:57:16 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.12.07 07:51:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.12.07 07:57:16 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.12.07 07:51:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.12.07 07:57:16 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.12.07 07:51:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.12.07 07:57:16 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.12.07 07:51:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.09.01 07:34:28 | 000,263,256 | ---- | M] (Microsoft Corporation) MD5=01B586A0B8C8D860457892F80B85A5CD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16416_none_076a95ef732190e3\hal.dll
[2009.09.01 08:03:17 | 000,263,240 | ---- | M] (Microsoft Corporation) MD5=514D418248FECD24D96E7219162BDFDD -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.20519_none_07f733988c3c7cb2\hal.dll
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

davys · #13 Příspěvek od **davys** » 04 led 2013 16:11

Druhá část OTL.txt

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\windows\SysNative\drivers\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 07:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.12.07 08:07:31 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012.03.30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 06:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 12:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.12.07 08:07:31 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 08:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 17:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.06.21 07:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 17:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.12.07 07:57:16 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.12.07 07:57:16 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[25 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.03.23 22:16:07 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Adobe
[2011.07.31 15:31:48 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\ArcSoft
[2011.02.27 23:18:52 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\ATI
[2011.10.31 21:51:27 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Corel
[2013.01.03 22:17:11 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\CorelHomeOffice
[2011.02.27 23:05:50 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\DigitalPersona
[2011.03.07 02:24:51 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\GHISLER
[2011.03.23 16:22:41 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Hewlett-Packard
[2011.02.27 23:07:21 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\hpqLog
[2011.02.27 23:17:32 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Identities
[2011.02.27 23:17:51 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Intel Corporation
[2011.03.07 23:12:49 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\IObit
[2011.02.28 01:17:58 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Macromedia
[2013.01.02 20:20:14 | 000,000,000 | --SD | M] -- C:\Users\Milan\AppData\Roaming\Microsoft
[2011.07.17 11:30:30 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Mozilla
[2012.12.26 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Nokia
[2012.08.17 10:41:56 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\PC Suite
[2011.07.17 11:30:27 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Philips-Songbird
[2011.11.24 20:05:30 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Real
[2012.12.24 15:38:01 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\RealNetworks
[2013.01.03 23:44:19 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Samsung
[2011.09.16 06:49:26 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Skype
[2011.06.25 23:01:00 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\skypePM
[2011.03.26 09:08:44 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Sony
[2011.03.26 08:57:56 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\Sony Setup
[2011.06.30 11:48:18 | 000,000,000 | ---D | M] -- C:\Users\Milan\AppData\Roaming\TeamViewer

< %APPDATA%\*.exe /s >
[2012.10.03 22:20:40 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012.12.20 21:43:24 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2012.12.20 21:43:24 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012.12.21 07:49:54 | 039,416,288 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe
[2012.12.21 07:47:42 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Milan\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe
[2011.03.26 08:58:46 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Users\Milan\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.01.04 15:32:56 | 000,000,946 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.04 13:32:18 | 000,000,950 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.18 22:45:49 | 000,000,332 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForMilan.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.04 15:32:13 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2013.01.03 23:38:25 | 001,565,292 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sony PC Companion" = "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background -- [2012.09.12 11:17:12 | 000,445,624 | ---- | M] (Sony)
"KiesPreload" = C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload -- [2012.12.20 18:44:26 | 001,476,104 | ---- | M] (Samsung)
"KiesAirMessage" = C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup -- [2012.12.18 01:10:18 | 000,578,560 | ---- | M] (Samsung Electronics)
"" = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2012.12.20 18:44:32 | 000,844,296 | ---- | M] (Samsung)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.11.14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.12.05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) MD5=2D08AC1443FFA7FBED9A5EA5FD49AEB3 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.04 15:45:50 | 000,000,512 | ---- | M] () MD5=E1E8908E8189601ADAF1D42DA6F00B43 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.03.07 04:06:14 | 000,006,774 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\crack-found[1].jpg
[2011.03.07 03:52:52 | 000,024,227 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\cracked_warez_search[1].htm
[2011.03.07 03:39:18 | 000,000,358 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\dref=http%253A%252F%252Fwww.blogsdna.com%252F7084%252Fhackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 03:41:48 | 000,001,040 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\dref=http%253A%252F%252Fwww.blogsdna.com%252F7084%252Fhackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[2].htm
[2011.03.07 03:52:33 | 000,066,912 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\office+2010+crack[1].htm
[2011.03.07 02:52:55 | 000,041,445 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\crack-windows-password-00[1].png
[2011.03.07 02:52:45 | 000,040,577 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\Cracks%20and%20Keygens[1]
[2011.03.07 03:39:07 | 000,068,487 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\hackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 04:05:06 | 000,058,250 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\ms+office+2010+crack+free+download[1].htm
[2011.03.07 04:05:50 | 000,004,150 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\ms-office-2010-crack-free-download[1].htm
[2011.03.07 04:08:43 | 000,052,600 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\ms-office-2010-crack-free[1].htm
[2011.03.07 03:04:01 | 000,028,043 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\114095,microsoft-office-2010-crack[1].htm
[2011.03.07 04:06:14 | 000,010,587 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\crack[1].htm
[2011.03.07 03:41:53 | 000,000,358 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\dref=http%253A%252F%252Fwww.blogsdna.com%252F7084%252Fhackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 03:39:22 | 000,000,017 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\hackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 03:41:57 | 000,000,017 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\hackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[2].htm
[2011.03.07 04:05:46 | 000,003,580 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\ms-office-2010-crack-free-download[1].htm
[2011.03.07 04:07:39 | 000,053,038 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\ms-office-2010-crack[1].htm
[2011.03.07 03:50:39 | 000,066,965 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\office+2010+crack[1].htm
[2011.03.07 03:51:09 | 000,003,416 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\office_2010_crack[1].htm
[2011.03.07 03:51:54 | 000,003,987 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\office_2010_crack[2].htm
[2011.03.07 03:39:13 | 000,001,040 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\dref=http%253A%252F%252Fwww.blogsdna.com%252F7084%252Fhackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 03:41:39 | 000,000,017 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\hackers-cracked-office-2010-rc-to-bypass-activation-without-product-key[1].htm
[2011.03.07 02:52:50 | 000,003,930 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\HackingAndCracking[1].gif
[2011.03.07 04:10:21 | 000,035,566 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\microsoft+office+2010+Crack+kms+activator[1].htm
[2011.03.07 03:00:56 | 000,002,148 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\microsoft_office_2010_keygen_free_download_crack_december_2[1].jpg
[2011.03.07 04:08:05 | 000,048,487 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\ms-office-2010-crack-file[1].htm
[2011.03.07 04:06:14 | 000,000,385 | ---- | M] () -- \Users\Milan\AppData\Roaming\Microsoft\Windows\Cookies\Low\milan@crackfound[2].txt

< *keygen* /s >
[2011.03.07 02:52:45 | 000,040,577 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\Cracks%20and%20Keygens[1]
[2011.03.07 03:12:46 | 000,069,998 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\keygenguru_com[1].htm
[2011.03.07 03:00:56 | 000,002,148 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\microsoft_office_2010_keygen_free_download_crack_december_2[1].jpg
[2011.03.07 03:13:40 | 000,000,389 | ---- | M] () -- \Users\Milan\AppData\Roaming\Microsoft\Windows\Cookies\Low\milan@keygenguru[1].txt
[2011.03.07 03:53:24 | 000,000,574 | ---- | M] () -- \Users\Milan\AppData\Roaming\Microsoft\Windows\Cookies\Low\milan@keygens[1].txt

< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.09.07 17:06:48 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2010.09.07 16:52:54 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2012.11.30 14:22:10 | 000,251,793 | ---- | M] () -- \Program Files (x86)\RealNetworks\RealDownloader\downloader.vs
[2012.12.20 12:33:50 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2012.11.15 14:00:16 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2009.10.23 15:41:45 | 012,010,264 | ---- | M] () -- \Program Files (x86)\Sony Setup\Media Go\PSNDownloaderSetup.exe
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2012.12.24 15:37:39 | 000,002,563 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2011.07.31 15:04:11 | 000,006,801 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\DisabledExt\Chrome\Content\browserrecordloader.js
[2011.07.31 15:04:11 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\DisabledExt\Chrome\Content\browserrecordloader.xul
[2012.11.29 20:30:58 | 000,013,246 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.11.29 20:10:16 | 000,000,319 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.11.29 20:35:38 | 000,002,584 | ---- | M] () -- \ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.24 15:37:39 | 000,002,563 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk
[2011.07.31 15:04:11 | 000,006,801 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\DisabledExt\Chrome\Content\browserrecordloader.js
[2011.07.31 15:04:11 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\DisabledExt\Chrome\Content\browserrecordloader.xul
[2012.11.29 20:30:58 | 000,013,246 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.11.29 20:10:16 | 000,000,319 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.11.29 20:35:38 | 000,002,584 | ---- | M] () -- \Users\All Users\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.26 14:06:30 | 000,000,723 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3RSPQX5D\ajax-loader[1].gif
[2013.01.04 09:08:30 | 000,003,885 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5H1LDETM\loader[1].js
[2012.12.26 21:36:00 | 000,014,290 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5H1LDETM\TooltipLoader[1].js
[2012.12.29 13:19:21 | 000,000,336 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7N7IML1A\11920-1-loader[1].js
[2013.01.02 22:44:19 | 000,000,673 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7N7IML1A\loader[1].gif
[2012.12.26 12:04:20 | 000,000,673 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8WFDQCL1\loader.white[1].gif
[2012.12.27 15:30:25 | 000,001,103 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8WFDQCL1\oneMscomJsCssLoader[1].js
[2013.01.01 22:02:22 | 000,000,336 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDDMQTJ6\11926-1-loader[1].js
[2013.01.02 08:08:35 | 000,000,673 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDDMQTJ6\loader.white[1].gif
[2013.01.02 19:47:39 | 000,002,364 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O8XD21W6\loader[1].gif
[2012.12.26 21:36:00 | 000,000,905 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDMBBAJ8\TooltipLoader[1].css
[2012.12.18 23:26:48 | 000,000,414 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUFCE4E6\facebook_api_loader[1].js
[2013.01.01 20:10:42 | 000,001,737 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VA2W4AYP\loader[1].gif
[2012.12.30 10:44:48 | 000,010,819 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YHHEL261\loader-wide[1].gif
[2012.12.17 22:38:28 | 000,005,085 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YHHEL261\preloader[1].gif
[2011.03.07 03:39:18 | 000,004,178 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\dsq-loader-dark[1].gif
[2011.02.28 02:02:06 | 000,002,031 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\73N2K2UZ\vbulletin_post_loader[1].js
[2011.02.28 01:07:53 | 000,010,819 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\ajax-loader[1].gif
[2011.02.28 01:09:30 | 000,010,819 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\ajax-loader[2].gif
[2011.02.28 02:02:09 | 000,001,797 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\grey_loader[1].gif
[2011.03.07 03:40:19 | 000,001,797 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AZX4A7DA\grey_loader[2].gif
[2011.02.28 01:08:11 | 000,006,820 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\ajax-loader-big[1].gif
[2011.02.28 01:08:05 | 000,001,849 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\ajax-loader[1].gif
[2011.03.07 04:05:05 | 000,001,488 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\loader-bg[1].png
[2011.03.07 03:14:27 | 000,005,655 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GH4X00JZ\Loader_19026[1].js
[2011.03.07 04:05:05 | 000,001,631 | ---- | M] () -- \Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XPTGO07V\loader[1].gif
[2011.11.27 21:33:44 | 000,007,715 | ---- | M] () -- \Users\Milan\AppData\Local\Temp\~rnsetu0\BROWSERRECORDPLUGIN\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.11.27 21:33:45 | 000,000,319 | ---- | M] () -- \Users\Milan\AppData\Local\Temp\~rnsetu0\BROWSERRECORDPLUGIN\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2013.01.04 15:41:09 | 000,026,702 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-8405D981.pf
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.12.07 07:46:08 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.12.07 07:46:08 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.12.07 07:46:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.12.07 07:46:08 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.12.07 07:46:08 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.06.28 20:31:58 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.06.28 20:31:58 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.06.28 20:31:59 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.06.28 20:31:59 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.06.28 20:31:59 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.12.07 07:43:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

davys · #14 Příspěvek od **davys** » 04 led 2013 16:12

A terazky Extras.txt

OTL Extras logfile created on: 4.1.2013 15:43:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,86 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 48,25% Memory free
7,72 Gb Paging File | 5,34 Gb Available in Paging File | 69,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,11 Gb Total Space | 14,97 Gb Free Space | 21,35% Space Free | Partition Type: NTFS
Drive D: | 378,36 Gb Total Space | 362,25 Gb Free Space | 95,74% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,48 Gb Free Space | 74,57% Space Free | Partition Type: FAT32

Computer Name: MILAN-NBK | User Name: Milan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2197893980-887659782-124407315-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\windows\system32\rundll32.exe" "C:\windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1177EE7C-C193-41B3-B257-65550E259837}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3961C249-940D-40CB-AF80-BA5CE018D39A}" = rport=138 | protocol=17 | dir=out | app=system |
"{469748B6-8724-4BA5-85D0-DBB9DE6D9AE1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{51A34BCF-1AC6-4256-B924-83683090F2CF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{678E4579-C8C1-4581-8944-4F42C67A1601}" = lport=138 | protocol=17 | dir=in | app=system |
"{681A7BAC-6ABF-4F66-8E24-82BDFF37A8EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{69B7A700-F0AE-4451-B15D-8842731C5F7E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{743434B3-6823-42BA-A590-931436C9558D}" = lport=139 | protocol=6 | dir=in | app=system |
"{75BC7F75-803A-46DD-B0A5-426C0CB0E793}" = rport=445 | protocol=6 | dir=out | app=system |
"{78B10923-20A8-451A-AE0D-C3D920CCE4AE}" = lport=445 | protocol=6 | dir=in | app=system |
"{84D1C65D-2A5F-4AF2-A198-B39BD3491B56}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D799C8B-854F-4D5D-A33A-BB9FC5D34AE0}" = lport=137 | protocol=17 | dir=in | app=system |
"{A811D4FB-436F-439F-94C3-B8CD245CF7EA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A856FC4A-E19A-4F8E-A706-EBB5530876D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B465562A-B6E8-48DA-9D05-22870DDA78B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BAE4E72C-0D74-4E45-82C3-7FC1973FB86E}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCC7F814-DBFA-4D47-9A14-A771F6642697}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DD41466D-5DCE-40D4-86F5-95B33089DAA5}" = lport=137 | protocol=17 | dir=in | app=system |
"{E5AD17CF-0896-4F73-9C7E-EB87EAACF403}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E87775BF-C56D-46A9-9FAE-13174AFB18F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F371D5A1-11B8-4CD1-A9E5-ABE0EB18D477}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FCAA3CDF-4630-4A4F-B4A1-CF065B53DA22}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF5F02E3-2613-4FB2-9E26-EF7F8DA3DB40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004C994A-A99E-436D-8EC5-746901928F38}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{01524000-B887-4E35-A3AB-77F07648A9E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0BE9DB3B-EB83-4654-8477-658D15D14168}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19E315A5-6945-47DA-94E5-9D4A9B5152DF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2B9716B4-883B-4B7B-86E0-70B8311484E5}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{3D420757-5B8A-4F1C-B8B5-DAD02D735A7F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4998E3BB-D7A2-4ABD-823B-9949E901B864}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FC2A1B2-591E-4EDD-8E62-FC8B928A93F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{565171D8-8E93-401A-A404-EF47BD415072}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{5E128A27-B3A4-4A48-ABB9-BA537D78E72F}" = protocol=6 | dir=out | app=system |
"{62E32B4A-F818-487D-B2CA-E0EF04378877}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69BC8130-5206-46AE-B6B5-85F4F9861566}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{727043CD-6518-4E44-9439-0DDBA0D6B927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7AEE2868-5F6F-435E-BCD7-044BC7059123}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8359F05C-B679-4977-82E7-585343FE5589}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{83CBBB96-0F7E-4FC3-9D97-3826A6A6FB4B}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{85D23656-F70B-450B-AA7A-50D35BA4EA4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{881B1D0A-E890-4A6F-96CC-946BEFD393A1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A87AE889-C8C0-4AC7-9CF5-C2A0F297225B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8A584D8-6E8A-4584-A067-E06845175CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACAB10D9-CBFC-4E75-9783-3AEB6950F2DB}" = dir=in | app=c:\program files (x86)\xerox companion suite\mfservices.exe |
"{B2FC75A0-835F-458F-8B35-ACFBA86EFB5F}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{B3591176-AA01-4979-AF2E-54184D3F0C20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B50208D7-9B04-4AD1-BD5B-A93DDEEC6575}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D8AF84B4-AF42-4BB1-A957-5534DF861472}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E097A75D-DA42-43F6-93DB-5FA493436DDC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{51DA8A5A-95FE-4570-972E-6D29E6F64311}C:\users\milan\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\milan\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |
"TCP Query User{B9DD9158-0F45-43FE-AB25-21C23D95913D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{EE20A496-920C-4982-B633-6B35002E6C24}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{06BE4C36-566C-4E1C-9FBC-30E9F803F4FE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{6E59A79E-8A1C-4110-88CE-86CA56D6768D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{F097EE45-5443-427C-907F-A5B6762702A2}C:\users\milan\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\milan\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}" = Privacy Manager for HP ProtectTools
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18B7C522-0623-C939-C17D-65359FB42BDB}" = ccc-utility64
"{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}" = HP Power Assistant
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}" = HP QuickLook
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}" = Validity Fingerprint Driver
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67C090D6-109A-47D7-8DED-4160C4D96F32}" = HP 3D DriveGuard
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}" = Drive Encryption for HP ProtectTools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A78F11F2-A478-4BF8-A29A-63746D8A97C9}" = HP ProtectTools Security Manager
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{E534C3AC-6D49-4EAC-8993-C1F0FF545B67}" = ATI Catalyst Install Manager
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F2177395-FD90-44B0-AFB8-2E0566855E5C}" = HP Power Data
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{016E43D3-6E3A-507C-5180-08A592A09D93}" = CCC Help Russian
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{049F82E6-AA8C-D885-07A0-FF69690DD9C5}" = CCC Help Chinese Standard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0EAB8F33-5A3E-BE80-3D11-7BBD79FB002A}" = CCC Help Thai
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2606650A-9367-D0AE-EF8D-CF627C9082E4}" = Catalyst Control Center Graphics Previews Vista
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{345E500B-471A-593B-BCEA-EE73E391CFBD}" = CCC Help Korean
"{34D8A788-9397-4695-86BF-B6920284CC65}_is1" = Power AMR MP3 WAV WMA M4A AC3 Audio Converter 4.1
"{3556F018-53B9-2715-5F8A-4C40E529DA76}" = CCC Help Hungarian
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{466AA29C-0BE5-902A-BD90-D87C846CD947}" = CCC Help Turkish
"{46A5EF84-99CF-2BA6-EF3E-5438190CBA5F}" = Catalyst Control Center Localization All
"{480E1460-BEEA-828B-9802-82C440EA5E5B}" = CCC Help Swedish
"{481C9A00-91AC-4065-870C-BD4E28186E5A}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACE3E86-78B6-43A1-B104-E3F3006FC576}" = Xerox Phaser 3100MFP Drivers
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{586414D6-B3E1-F163-223D-D298E80727E1}" = CCC Help Czech
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5DFE5A09-5030-6B21-6E8E-987FAD247BD2}" = CCC Help Polish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72A7495B-18CD-4751-AC38-5DBED9C6B1E7}" = YouTube Downloader Toolbar v4.6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7861911B-4270-498A-8F7A-FCF0570F487D}" = HP QuickWeb
"{7D90F99D-0D3A-9B0F-1AB6-4C142098A23C}" = CCC Help Portuguese
"{8111D017-F77E-4387-B07E-4C4ACF4866FA}" = CCC Help Norwegian
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEAB1B-72AC-4C99-B5CB-C9B37C86F11F}" = Catalyst Control Center - Branding
"{9FA32684-39EF-10A1-4896-95A28BD2A51C}" = CCC Help English
"{A60F1207-CB8B-DFE4-B0B2-28781A9918F5}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90}" = Xerox Phaser3100 MFP
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B31E60DA-0FB3-8C8F-7F00-8FC5A2E716A6}" = CCC Help Danish
"{BB922B1F-5CFB-C323-F35C-517FA74BF17E}" = CCC Help French
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C7FD3148-0065-253C-E0A9-62C1B2307421}" = CCC Help Italian
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{D21160A2-8B5F-409C-99C8-03582F5324B7}" = HP Documentation
"{D3E71122-71F0-C06F-A482-8997D22301F4}" = CCC Help Japanese
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D89F6F7C-1966-9408-40A7-4877F5A85005}" = ccc-core-static
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DC1F523C-FB0A-885F-CC3F-FA7E749213B6}" = CCC Help Dutch
"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{E9729C11-2758-5F56-B661-3D99498454CA}" = CCC Help Spanish
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1410C34-CCC7-4443-B698-7E9FF42F4FA3}" = Corel Home Office
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F626688A-B307-2D16-DDCE-F24633F848F2}" = Catalyst Control Center InstallProxy
"{F75A2405-6EF2-8651-3C36-FEA98F6681ED}" = CCC Help German
"{F7E55D3B-D675-4511-6B36-2766DC819432}" = CCC Help Chinese Traditional
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FC023480-A05B-ED84-877F-547EA3CD3DCB}" = CCC Help Finnish
"Drive Encryption" = Drive Encryption for HP ProtectTools
"Google Chrome" = Google Chrome
"Graph_is1" = Graph 3.1.5
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"PDF Complete" = PDF Complete Special Edition
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"RealPlayer 16.0" = RealPlayer
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Update Engine" = Sony Ericsson Update Engine
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2197893980-887659782-124407315-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1.1.2013 15:31:09 | Computer Name = Milan-NBK | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16457 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 644 Čas spuštění: 01cde85670374ddc Čas ukončení: 110 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\iexplore.exe ID hlášení:

Error - 1.1.2013 16:17:06 | Computer Name = Milan-NBK | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16457 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 460 Čas spuštění: 01cde85c6bec9bdd Čas ukončení: 140 Cesta k aplikaci: C:\Program
Files\Internet Explorer\iexplore.exe ID hlášení: 2b3a701e-5450-11e2-82d9-64315013667c

Error - 2.1.2013 2:27:06 | Computer Name = Milan-NBK | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16457 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1270 Čas spuštění: 01cde8b20bed802d Čas ukončení: 281 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\iexplore.exe ID hlášení:

Error - 2.1.2013 3:06:57 | Computer Name = Milan-NBK | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 9.0.8112.16457 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1268 Čas spuštění: 01cde8b7991756f0 Čas ukončení: 540 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\iexplore.exe ID hlášení:

Error - 3.1.2013 12:28:23 | Computer Name = Milan-NBK | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 3.1.2013 18:46:19 | Computer Name = Milan-NBK | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 3.1.2013 18:46:19 | Computer Name = Milan-NBK | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 4.1.2013 4:09:54 | Computer Name = Milan-NBK | Source = System Restore | ID = 8193
Description =

Error - 4.1.2013 4:09:54 | Computer Name = Milan-NBK | Source = System Restore | ID = 8211
Description =

Error - 4.1.2013 4:20:06 | Computer Name = Milan-NBK | Source = VSS | ID = 12289
Description =

[ Hewlett-Packard Events ]
Error - 7.6.2011 14:45:48 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061107084540.xml
File not created by asset agent

Error - 7.6.2011 17:04:19 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061107110417.xml
File not created by asset agent

Error - 28.6.2011 15:24:00 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061128092352.xml
File not created by asset agent

Error - 19.7.2011 8:18:00 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071119021757.xml
File not created by asset agent

Error - 27.7.2011 7:16:32 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071127011627.xml
File not created by asset agent

Error - 2.8.2011 16:21:38 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081102102135.xml
File not created by asset agent

Error - 9.8.2011 18:11:59 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081110121157.xml
File not created by asset agent

Error - 16.8.2011 17:34:04 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081116113401.xml
File not created by asset agent

Error - 30.8.2011 16:41:38 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081130104129.xml
File not created by asset agent

Error - 7.9.2011 16:10:11 | Computer Name = Milan-NBK | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091107101008.xml
File not created by asset agent

[ HP Power Assistant Events ]
Error - 7.8.2011 15:28:05 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4). v HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) v HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) v HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

v HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8.8.2011 1:40:43 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8.8.2011 1:40:44 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4).

Error - 8.8.2011 1:40:44 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4). v HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) v HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) v HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

v HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8.8.2011 6:21:09 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8.8.2011 6:21:12 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4).

Error - 8.8.2011 6:21:12 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4). v HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) v HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) v HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

v HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8.8.2011 14:19:41 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
found in the dat file.

Error - 8.8.2011 14:19:42 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4).

Error - 8.8.2011 14:19:42 | Computer Name = Milan-NBK | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=USB\VID_0A5C&PID_21B4). v HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) v HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) v HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

v HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

[ HP Wireless Assistant Events ]
Error - 9.10.2012 17:32:30 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 13.10.2012 13:08:21 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 29.10.2012 16:57:33 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 3.11.2012 1:54:39 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 5.11.2012 15:08:53 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26.11.2012 18:04:04 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 27.11.2012 11:22:11 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2.12.2012 16:36:34 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 24.12.2012 18:01:59 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 25.12.2012 18:31:15 | Computer Name = Milan-NBK | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObject.Initialize(Boolean
getObject) v System.Management.ManagementBaseObject.get_Properties() v System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) v HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ Media Center Events ]
Error - 26.7.2011 6:05:49 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 12:05:49 - Chyba při připojování k Internetu 12:05:49 - Nelze kontaktovat
server..

Error - 26.7.2011 6:05:55 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 12:05:54 - Chyba při připojování k Internetu 12:05:54 - Nelze kontaktovat
server..

Error - 24.2.2012 2:18:40 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 7:18:40 - Chyba při připojování k Internetu 7:18:40 - Nelze kontaktovat
server..

Error - 24.2.2012 2:19:13 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 7:19:09 - Chyba při připojování k Internetu 7:19:09 - Nelze kontaktovat
server..

Error - 28.8.2012 16:31:42 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 22:31:42 - Chyba při připojování k Internetu 22:31:42 - Nelze kontaktovat
server..

Error - 28.8.2012 16:31:51 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 22:31:47 - Chyba při připojování k Internetu 22:31:47 - Nelze kontaktovat
server..

Error - 9.9.2012 15:06:43 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 21:06:42 - Chyba při připojování k Internetu 21:06:42 - Nelze kontaktovat
server..

Error - 9.9.2012 15:06:57 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 21:06:48 - Chyba při připojování k Internetu 21:06:48 - Nelze kontaktovat
server..

Error - 16.9.2012 16:37:01 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 22:37:01 - Chyba při připojování k Internetu 22:37:01 - Nelze kontaktovat
server..

Error - 16.9.2012 16:37:10 | Computer Name = Milan-NBK | Source = MCUpdate | ID = 0
Description = 22:37:06 - Chyba při připojování k Internetu 22:37:06 - Nelze kontaktovat
server..

[ System Events ]
Error - 26.12.2012 17:45:22 | Computer Name = Milan-NBK | Source = Service Control Manager | ID = 7000
Description = Služba Zjišťování interaktivních služeb neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 26.12.2012 17:52:23 | Computer Name = Milan-NBK | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Zjišťování interaktivních služeb bylo
dosaženo časového limitu (30000 ms).

Error - 26.12.2012 17:52:23 | Computer Name = Milan-NBK | Source = Service Control Manager | ID = 7000
Description = Služba Zjišťování interaktivních služeb neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 26.12.2012 20:06:51 | Computer Name = Milan-NBK | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 2.1.2013 2:27:36 | Computer Name = Milan-NBK | Source = Service Control Manager | ID = 7000
Description = Služba Intel(R) Rapid Storage Technology neuspěla při spuštění v důsledku
následující chyby: %%109

Error - 3.1.2013 18:48:16 | Computer Name = Milan-NBK | Source = Service Control Manager | ID = 7000
Description = Služba dgderdrv neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 3.1.2013 19:30:31 | Computer Name = Milan-NBK | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 4.1.2013 4:20:06 | Computer Name = Milan-NBK | Source = volsnap | ID = 393283
Description = Vytvářenou stínovou kopii svazku C: se nezdařilo nainstalovat.

Error - 4.1.2013 5:24:17 | Computer Name = Milan-NBK | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (10:22:36, ?4.?1.?2013) bylo neočekávané.

Error - 4.1.2013 5:24:28 | Computer Name = Milan-NBK | Source = BugCheck | ID = 1001
Description =

< End of report >

#15 Příspěvek od **vyosek** » 04 led 2013 16:23

Jen se zeptam, mate zakoupenou licenci na winwows

VIRY.CZ

Značně zpomaleny počítač

Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač

Re: Značně zpomaleny počítač