Prosím o preventivní kontrolu

[Teebo]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-05-21 13:37:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 263 GB (58%) free of 454 GB
Total RAM: 3978 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:37:11, on 21.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe
C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Michal\AppData\Roaming\TorrentStream\updater\tsupdate.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [TorrentStream] C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe
O4 - HKCU\..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3709121103-697001368-1351868520-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-3709121103-697001368-1351868520-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Startup: Dropbox.lnk = Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {537675de-6231-4c94-a204-c14207cd8f6f} - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS2\Services\Tcpip\..\{350719A6-CA5E-4B1C-B313-121017B2C3C7}: NameServer = 10.128.120.81
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Unknown owner - C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17078 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 29070096
\??\C:\Windows\system32\conhost.exe "-608878957-1550995021754623046-687803833-15988546311365893750239166725-657017131
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe" runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" -D "C:/Program Files (x86)/PostgreSQL/8.4/data"
"C:\Program Files\IDT\WDM\sttray64.exe"
\??\C:\Windows\system32\conhost.exe "420290151-599871413115328853857717864-1848022355870994649-14377351961210538493
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "860" "-x3"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkboot" "836" "-x4"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkavlauncher" "860"
"C:/Program Files (x86)/PostgreSQL/8.4/bin/postgres.exe" "--forkcol" "836"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d89a592c-46d9-4dd2-b855-214c5a5d18b3 -SystemEventPortName:HostProcess-9f587a42-bb29-4023-bc83-5e20dec1ddca -IoCancelEventPortName:HostProcess-874aafea-d3e0-49f4-b7be-59757f918ade -NonStateChangingEventPortName:HostProcess-20c53b33-ba5c-4631-bdd1-b89e3ec19fa4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:317f4922-93d6-4e8d-888a-e96c098d0583 -DeviceGroupId:
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\Michal\AppData\Roaming\TorrentStream\engine\..\updater\tsupdate.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
-Minimized
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Windows\system32\notepad.exe"
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "C:\Users\Michal\Documents\Škola\Knihovna & výpisky\Matematika, 2e - Hájková, Johanis, John, Kalenda, Zelený.pdf"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=16484.005AF8F8.1477310933 --type=renderer "C:\Users\Michal\Documents\Škola\Knihovna & výpisky\Matematika, 2e - Hájková, Johanis, John, Kalenda, Zelený.pdf"
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=24328.14089c00.1635447904 "C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{f65af8e3-60ed-4a06-9699-c361e87a3f01}\plugins\npwiddit.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 24328 "\\.\pipe\gecko-crash-server-pipe.24328" plugin
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=24328.5eb2e00.453995115 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 24328 "\\.\pipe\gecko-crash-server-pipe.24328" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --proxy-stub-channel=Flash24712.6BAF1D90.8405 --host-broker-channel=Flash24712.6BAF1D90.10581 --host-pid=24712 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe" --channel=17764.001CF844.1578689671 --proxy-stub-channel=Flash24712.6BAF1D90.8405 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {93289F0B-1554-4FBF-A117-28367F3F0DD7}
"C:\Windows\system32\notepad.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Michal\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
C:\Windows\tasks\HPCeeScheduleForMichal.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si= ... =chrome&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
Web Search.xml
wikipedia-cz.xml

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\
{ada4b710-8346-4b82-8199-5de2b400a6ae}
{f65af8e3-60ed-4a06-9699-c361e87a3f01}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\searchplugins\
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{036451d5-97b6-4882-a0cb-0f3b6de4df8d}]
HomeTab - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll [2013-05-16 1038920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-21 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll [2003-06-30 337920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-21 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{036451d5-97b6-4882-a0cb-0f3b6de4df8d} - HomeTab - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll [2013-05-16 1038920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2012-09-29 7173632]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-04-02 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-04-02 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-04-02 439064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AutoKMS"=C:\Windows\AutoKMS.exe [2013-05-01 615936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-04-16 19662744]
"TorrentStream"=C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe [2013-04-15 27256]
"FreeAC"=C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [2011-11-22 1327440]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-29 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-06-12 184736]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-27 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-21 13:25:50 ----D---- C:\Program Files\trend micro
2013-05-21 13:25:49 ----D---- C:\rsit
2013-05-18 17:05:35 ----D---- C:\Program Files\Foxit Software
2013-05-16 03:03:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-16 03:03:00 ----A---- C:\Windows\system32\mshtml.dll
2013-05-16 03:02:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-16 03:02:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-16 03:02:30 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-16 03:02:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-16 03:02:29 ----A---- C:\Windows\system32\iertutil.dll
2013-05-16 03:02:28 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-16 03:02:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-16 03:02:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-16 03:02:28 ----A---- C:\Windows\system32\url.dll
2013-05-16 03:02:28 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-16 03:02:28 ----A---- C:\Windows\system32\ieui.dll
2013-05-16 03:02:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-16 03:02:27 ----A---- C:\Windows\system32\urlmon.dll
2013-05-16 03:02:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-16 03:02:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-16 03:02:26 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-16 03:02:26 ----A---- C:\Windows\system32\jscript9.dll
2013-05-16 03:02:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-16 03:02:25 ----A---- C:\Windows\system32\wininet.dll
2013-05-16 03:02:25 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-16 03:02:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-16 03:02:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-16 03:02:24 ----A---- C:\Windows\system32\vbscript.dll
2013-05-16 03:02:24 ----A---- C:\Windows\system32\jscript.dll
2013-05-16 03:02:19 ----A---- C:\Windows\system32\ieframe.dll
2013-05-16 03:02:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-15 16:47:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-05-15 16:19:16 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 16:19:16 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 16:19:03 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 16:19:02 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 16:19:02 ----A---- C:\Windows\system32\authui.dll
2013-05-15 16:19:01 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 16:19:00 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 16:19:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 16:19:00 ----A---- C:\Windows\system32\consent.exe
2013-05-15 16:19:00 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 16:18:51 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 16:18:51 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 16:18:51 ----A---- C:\Windows\system32\win32k.sys
2013-05-03 12:48:49 ----D---- C:\Program Files (x86)\Citrus Alarm Clock
2013-05-01 12:16:19 ----A---- C:\Windows\system32CmdLineExt.dll
2013-05-01 07:24:50 ----A---- C:\Windows\AutoKMS.exe
2013-05-01 01:19:32 ----D---- C:\Program Files\Common Files\DESIGNER
2013-05-01 01:18:38 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-05-01 01:18:05 ----D---- C:\Windows\PCHEALTH
2013-05-01 01:18:05 ----D---- C:\Program Files\Microsoft Sync Framework
2013-05-01 01:18:05 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-05-01 01:16:25 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-05-01 01:15:16 ----D---- C:\Program Files\Microsoft Analysis Services
2013-05-01 01:15:15 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2013-05-01 01:14:54 ----D---- C:\Program Files (x86)\Microsoft Office
2013-05-01 01:14:41 ----D---- C:\Program Files\Microsoft Office
2013-05-01 01:14:05 ----RHD---- C:\MSOCache
2013-04-24 13:31:35 ----A---- C:\Windows\system32\drivers\ntfs.sys

======List of files/folders modified in the last 1 month======

2013-05-21 13:37:04 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-05-21 13:25:50 ----RD---- C:\Program Files
2013-05-21 10:50:10 ----D---- C:\Windows\system32\config
2013-05-21 10:40:44 ----D---- C:\Windows\Temp
2013-05-20 19:02:08 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-05-19 21:40:35 ----D---- C:\Users\Michal\AppData\Roaming\Winamp
2013-05-19 19:47:04 ----A---- C:\Windows\SYSWOW64\log.txt
2013-05-19 19:45:45 ----D---- C:\Windows\Prefetch
2013-05-19 19:45:29 ----D---- C:\Windows
2013-05-19 19:45:28 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2013-05-19 19:38:00 ----SHD---- C:\System Volume Information
2013-05-19 17:02:59 ----SHD---- C:\Windows\Installer
2013-05-19 17:02:59 ----SHD---- C:\Config.Msi
2013-05-19 17:02:07 ----D---- C:\Windows\SysWOW64
2013-05-19 16:50:56 ----D---- C:\Program Files (x86)\SMPlayer
2013-05-19 16:48:46 ----D---- C:\Windows\Minidump
2013-05-19 16:48:46 ----D---- C:\Windows\debug
2013-05-19 02:19:25 ----RD---- C:\Program Files (x86)
2013-05-19 02:19:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-05-18 00:03:59 ----D---- C:\Program Files (x86)\HomeTab
2013-05-18 00:03:57 ----D---- C:\Users\Michal\AppData\Roaming\HomeTab
2013-05-16 04:12:03 ----D---- C:\Windows\rescache
2013-05-16 03:49:10 ----RSD---- C:\Windows\assembly
2013-05-16 03:49:10 ----D---- C:\Windows\Microsoft.NET
2013-05-16 03:31:25 ----D---- C:\Windows\winsxs
2013-05-16 03:28:36 ----D---- C:\Windows\system32\drivers
2013-05-16 03:28:36 ----D---- C:\Windows\AppPatch
2013-05-16 03:28:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-05-16 03:28:33 ----D---- C:\Windows\system32\cs-CZ
2013-05-16 03:28:33 ----D---- C:\Windows\System32
2013-05-16 03:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-16 03:28:30 ----D---- C:\Windows\SYSWOW64\migration
2013-05-16 03:28:29 ----D---- C:\Windows\system32\migration
2013-05-16 03:28:28 ----D---- C:\Program Files\Internet Explorer
2013-05-16 03:08:08 ----A---- C:\Windows\system32\MRT.exe
2013-05-16 03:08:00 ----D---- C:\ProgramData\Microsoft Help
2013-05-16 03:05:30 ----D---- C:\Windows\inf
2013-05-16 03:05:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-16 03:03:09 ----D---- C:\Windows\system32\catroot
2013-05-16 03:02:45 ----D---- C:\Windows\system32\catroot2
2013-05-15 16:47:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-14 18:56:01 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2013-05-13 05:52:48 ----A---- C:\Windows\Launcher.exe
2013-05-08 22:39:16 ----D---- C:\TorrentStream
2013-05-06 19:08:32 ----D---- C:\Windows\Tasks
2013-05-06 19:08:32 ----D---- C:\Windows\system32\Tasks
2013-05-06 18:03:43 ----D---- C:\Program Files (x86)\Protected Search
2013-05-06 18:02:59 ----D---- C:\Program Files (x86)\Browser Updater
2013-05-03 03:02:34 ----D---- C:\Program Files\Common Files\System
2013-05-03 03:02:34 ----A---- C:\Windows\win.ini
2013-05-02 17:29:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-05-01 07:24:50 ----A---- C:\Windows\AutoKMS.ini
2013-05-01 01:19:46 ----RSD---- C:\Windows\Fonts
2013-05-01 01:19:33 ----D---- C:\Windows\ShellNew
2013-05-01 01:19:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-05-01 01:19:32 ----D---- C:\Program Files\Common Files
2013-05-01 01:18:28 ----D---- C:\Program Files (x86)\MSBuild
2013-05-01 01:18:05 ----SD---- C:\ProgramData\Microsoft
2013-05-01 01:18:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-04-25 15:38:18 ----D---- C:\Users\Michal\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-04-26 30488]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-03-08 58000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-17 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-04-26 43800]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2012-09-29 22592]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-09-29 4747328]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-27 14748416]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2012-02-28 26200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2012-03-26 2891512]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-09 425232]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\drivers\usbfilter.sys [2011-12-13 56448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 chtqeqec;chtqeqec; \??\C:\Windows\system32\drivers\chtqeqec.sys []
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys [2012-01-04 103552]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys [2012-01-04 220288]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
S3 BTWDPAN;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\btwdpan.sys [2012-02-02 89640]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-01 945440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-27 493904]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-26 33560]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-06-12 1421728]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-19 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-01 1255736]
S4 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-10-19 1564368]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[Teebo]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by Michal on Łt 21.05.2013 at 18:22:30,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Michal\AppData\Roaming\simplytech"
Successfully deleted: [Folder] "C:\Users\Michal\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\protected search"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\Michal\AppData\Roaming\mozilla\firefox\profiles\o0pi787p.default\searchplugins\web search.xml
Successfully deleted the following from C:\Users\Michal\AppData\Roaming\mozilla\firefox\profiles\o0pi787p.default\prefs.js

user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.defaultenginename", "Web Search");
user_pref("browser.search.order.1", "Web Search");
user_pref("browser.search.selectedEngine", "Web Search");
user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chr
Emptied folder: C:\Users\Michal\AppData\Roaming\mozilla\firefox\profiles\o0pi787p.default\minidumps [129 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 21.05.2013 at 18:28:17,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Teebo]

# AdwCleaner v2.301 - Log vytvooen 21/05/2013 v 18:31:23
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - MICHAL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Users\Michal\AppData\LocalLow\simplytech

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\ProtectedSearch
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16483

[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&q=%s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&q=%s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q=

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.26] : keyword = "search.certified-toolbar.com",
Nalezeno [l.30] : search_url = "hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&q={searchTerms}",

*************************

AdwCleaner[R4].txt - [4991 octets] - [21/05/2013 18:31:23]

########## EOF - C:\AdwCleaner[R4].txt - [5051 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Teebo]

# AdwCleaner v2.301 - Log vytvooen 21/05/2013 v 19:17:33
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Michal - MICHAL-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Michal\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Users\Michal\AppData\LocalLow\simplytech

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\ProtectedSearch
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16483

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&q=%s --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&q=%s --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=43251&tid=3623&ver=2.9&ts=1367856182436&tguid=43251-3623-1367856182436-C7C56538722D253412E7CF0C9524582A&st=chrome&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.26] : keyword = "search.certified-toolbar.com",
Vymazáno [l.30] : search_url = "hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=13678561[...]

*************************

AdwCleaner[S2].txt - [5314 octets] - [21/05/2013 19:17:33]

########## EOF - C:\AdwCleaner[S2].txt - [5374 octets] ##########

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Teebo]

OTL logfile created on: 21.5.2013 20:16:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,88 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 46,91% Memory free
7,77 Gb Paging File | 4,65 Gb Available in Paging File | 59,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,34 Gb Total Space | 256,89 Gb Free Space | 57,95% Space Free | Partition Type: NTFS
Drive D: | 20,12 Gb Total Space | 3,09 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,97 Gb Free Space | 99,34% Space Free | Partition Type: FAT32

Computer Name: MICHAL-PC | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.21 20:14:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
PRC - [2013.05.15 16:47:11 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe
PRC - [2013.04.12 02:05:27 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\tsupdate.exe
PRC - [2012.07.03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012.06.12 14:51:06 | 001,421,728 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2012.03.28 19:38:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.03.28 19:38:24 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.03.28 19:38:08 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.03.27 17:02:44 | 001,045,328 | R--- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2012.03.27 11:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.03.14 14:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012.03.09 11:22:46 | 000,070,960 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2012.03.01 04:06:42 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.03.01 04:06:36 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.03 06:42:00 | 000,498,352 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2011.11.22 17:53:28 | 001,327,440 | ---- | M] (Comfort Software Group) -- C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
PRC - [2011.01.28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011.01.28 07:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe


========== Modules (No Company Name) ==========

MOD - [2013.05.21 19:20:12 | 001,175,040 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._core_.pyd
MOD - [2013.05.21 19:20:12 | 001,153,024 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_ssl.pyd
MOD - [2013.05.21 19:20:12 | 001,022,416 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\windows._cacheinvalidation.pyd
MOD - [2013.05.21 19:20:12 | 000,805,888 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._gdi_.pyd
MOD - [2013.05.21 19:20:12 | 000,735,232 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._misc_.pyd
MOD - [2013.05.21 19:20:12 | 000,557,056 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\pysqlite2._sqlite.pyd
MOD - [2013.05.21 19:20:12 | 000,364,544 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\pythoncom27.dll
MOD - [2013.05.21 19:20:12 | 000,320,512 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32com.shell.shell.pyd
MOD - [2013.05.21 19:20:12 | 000,128,512 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_elementtree.pyd
MOD - [2013.05.21 19:20:12 | 000,110,080 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\PyWinTypes27.dll
MOD - [2013.05.21 19:20:12 | 000,108,544 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32security.pyd
MOD - [2013.05.21 19:20:12 | 000,098,816 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32api.pyd
MOD - [2013.05.21 19:20:12 | 000,087,040 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_ctypes.pyd
MOD - [2013.05.21 19:20:12 | 000,070,656 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._html2.pyd
MOD - [2013.05.21 19:20:12 | 000,044,032 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_socket.pyd
MOD - [2013.05.21 19:20:12 | 000,035,840 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32process.pyd
MOD - [2013.05.21 19:20:12 | 000,026,624 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_multiprocessing.pyd
MOD - [2013.05.21 19:20:12 | 000,025,600 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32pdh.pyd
MOD - [2013.05.21 19:20:12 | 000,022,528 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32ts.pyd
MOD - [2013.05.21 19:20:12 | 000,017,408 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32profile.pyd
MOD - [2013.05.21 19:20:12 | 000,011,264 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32crypt.pyd
MOD - [2013.05.21 19:20:11 | 001,062,400 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._controls_.pyd
MOD - [2013.05.21 19:20:11 | 000,811,008 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._windows_.pyd
MOD - [2013.05.21 19:20:11 | 000,711,680 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\_hashlib.pyd
MOD - [2013.05.21 19:20:11 | 000,686,080 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\unicodedata.pyd
MOD - [2013.05.21 19:20:11 | 000,127,488 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\pyexpat.pyd
MOD - [2013.05.21 19:20:11 | 000,122,368 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\wx._wizard.pyd
MOD - [2013.05.21 19:20:11 | 000,119,808 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32file.pyd
MOD - [2013.05.21 19:20:11 | 000,038,912 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32inet.pyd
MOD - [2013.05.21 19:20:11 | 000,018,432 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\win32event.pyd
MOD - [2013.05.21 19:20:10 | 000,010,240 | ---- | M] () -- C:\Users\Michal\AppData\Local\Temp\_MEI27242\select.pyd
MOD - [2013.05.16 03:32:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.16 03:31:51 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013.05.16 03:31:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.05.15 16:47:10 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe
MOD - [2013.04.12 02:05:27 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 17:38:40 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.01.29 18:20:40 | 000,082,944 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\cpyamf.util.pyd
MOD - [2013.01.29 18:20:40 | 000,066,048 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\cpyamf.amf0.pyd
MOD - [2013.01.10 01:34:35 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c78244854f84b69701fcee19b543645\IAStorUtil.ni.dll
MOD - [2013.01.10 01:34:35 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1c402ca365b68a2616ea3a5194d38310\IAStorCommon.ni.dll
MOD - [2013.01.09 19:08:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 19:07:55 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 19:07:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 19:07:37 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 19:07:33 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.11.14 18:00:08 | 000,018,944 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\pycompat.pyd
MOD - [2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\tsupdate.exe
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\pythoncom27.dll
MOD - [2012.02.07 18:38:58 | 000,358,912 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\pythoncom27.dll
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\win32api.pyd
MOD - [2012.02.07 18:37:24 | 000,098,816 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\win32api.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:30 | 000,024,064 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\win32pdh.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\win32file.pyd
MOD - [2012.02.07 18:36:08 | 000,111,616 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\win32file.pyd
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\pywintypes27.dll
MOD - [2012.02.07 18:35:46 | 000,110,080 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\pywintypes27.dll
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:22 | 000,674,816 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wx._misc_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:12 | 000,966,144 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wx._controls_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:06 | 000,670,720 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wx._windows_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:38:00 | 000,746,496 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wx._gdi_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wx._core_.pyd
MOD - [2011.07.15 21:37:48 | 000,981,504 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wx._core_.pyd
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:26 | 000,479,744 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_html_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:16 | 000,730,112 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_adv_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:34:10 | 003,165,184 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wxmsw28uh_core_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:40 | 000,122,368 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_net_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\wxbase28uh_vc.dll
MOD - [2011.07.15 21:33:38 | 001,300,992 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\wxbase28uh_vc.dll
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,720,896 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\_ssl.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\_socket.pyd
MOD - [2011.06.12 15:09:18 | 000,038,400 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\_socket.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:24 | 000,152,576 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\pyexpat.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,287,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\_hashlib.pyd
MOD - [2011.06.12 15:06:22 | 000,106,496 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\_ctypes.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\select.pyd
MOD - [2011.06.12 15:06:22 | 000,011,776 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\select.pyd
MOD - [2011.06.12 15:06:20 | 000,688,128 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\unicodedata.pyd
MOD - [2011.03.21 02:29:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.13 17:02:12 | 000,031,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\Crypto.Cipher.AES.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\lib\M2Crypto.__m2crypto.pyd
MOD - [2011.01.18 23:56:22 | 000,334,336 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\M2Crypto.__m2crypto.pyd
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.10.11 00:23:52 | 000,723,968 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\lib\apsw.pyd


========== Services (SafeList) ==========

SRV:64bit: - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012.09.29 16:00:50 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2012.04.26 14:56:00 | 000,033,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.03.27 17:02:44 | 000,493,904 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2012.03.20 07:45:18 | 002,694,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2012.03.14 14:23:06 | 000,152,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2012.03.07 02:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.03.05 17:04:18 | 000,314,880 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012.02.26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.02.26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.02.26 05:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.02.26 05:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.02.01 18:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.15 16:47:11 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.12 02:05:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.19 23:28:04 | 001,564,368 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.06.12 14:51:06 | 001,421,728 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2012.04.02 10:30:08 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.03.28 19:38:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.03.28 19:38:24 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.03.28 19:38:08 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.03.20 07:28:20 | 002,325,584 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2012.03.14 14:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012.03.09 11:22:42 | 000,117,552 | ---- | M] (Portrait Displays, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012.03.01 04:06:36 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.02.03 06:42:00 | 000,498,352 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2011.01.28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.17 16:25:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.09.29 16:00:50 | 004,747,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.09.29 16:00:50 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012.04.26 14:56:00 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.04.26 14:56:00 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.03.27 11:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.27 11:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.27 11:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.27 07:09:56 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.26 17:14:04 | 002,891,512 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2012.03.09 05:55:26 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.03.08 03:01:00 | 000,058,000 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.03.05 17:04:18 | 000,536,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 01:28:10 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.02.28 01:28:08 | 000,026,200 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2012.02.22 13:54:08 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012.02.03 06:42:00 | 000,042,816 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2012.02.02 05:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012.02.02 05:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012.02.02 05:07:18 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2012.02.02 05:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012.02.02 05:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012.02.02 05:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012.02.02 05:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012.02.02 00:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.01.04 07:24:18 | 000,220,288 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2012.01.04 07:24:18 | 000,103,552 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011.12.13 20:44:16 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011.12.06 16:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.09 22:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.18 08:11:44 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.07.27 16:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.07.27 16:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.06.22 12:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3709121103-697001368-1351868520-1004\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "https://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: alertbox%40ajitk.com:0.4.8.20130402
FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.1
FF - prefs.js..extensions.enabledAddons: %7Bf65af8e3-60ed-4a06-9699-c361e87a3f01%7D:3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michal\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michal\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@torrentstream.net/tsplugin,version=2.0.8.6: C:\Users\Michal\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.09.29 21:57:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.19 19:09:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 02:05:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.19 17:02:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Michal\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org [2013.04.02 18:24:33 | 000,000,000 | ---D | M]

[2012.09.29 16:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Extensions
[2013.05.18 00:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions
[2013.05.16 08:47:18 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2013.05.18 00:04:14 | 000,000,000 | ---D | M] (HomeTab) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{f65af8e3-60ed-4a06-9699-c361e87a3f01}
[2013.04.03 10:31:35 | 000,180,693 | ---- | M] () (No name found) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\alertbox@ajitk.com.xpi
[2013.04.12 02:05:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.12 02:05:27 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.27 01:25:32 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.27 01:25:32 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.27 01:25:32 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.27 01:25:32 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.27 01:25:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: about:newtab?source=home
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michal\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michal\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michal\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Disk Google = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: avast! WebRep = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: HomeTab = C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbigfkbippnoeffniighecdghnbnmced\3.1_0\

O1 HOSTS File: ([2013.03.18 19:25:52 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (HomeTab) - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (HomeTab) - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - C:\Users\Michal\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000..\Run: [TorrentStream] C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe ()
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3709121103-697001368-1351868520-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.113.0.2 195.113.44.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{350719A6-CA5E-4B1C-B313-121017B2C3C7}: DhcpNameServer = 195.113.0.2 195.113.44.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0FC55BD-1CAA-47B9-8180-389DB3148571}: DhcpNameServer = 172.18.1.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D03125B1-40A3-4A5A-A573-151818EB3434}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{cf8614ec-8daf-11e2-8ec9-a0b3cc26c927}\Shell - "" = AutoRun
O33 - MountPoints2\{cf8614ec-8daf-11e2-8ec9-a0b3cc26c927}\Shell\AutoRun\command - "" = G:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[Teebo]

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.21 20:14:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2013.05.21 18:22:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.21 18:21:50 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.21 18:21:32 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Michal\Desktop\JRT.exe
[2013.05.21 13:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.05.21 13:25:49 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.18 17:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
[2013.05.18 17:05:35 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013.05.17 13:38:15 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\foto
[2013.05.16 03:02:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.16 03:02:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.16 03:02:28 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.16 03:02:28 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.16 03:02:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.16 03:02:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.16 03:02:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.16 03:02:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.16 03:02:27 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.16 03:02:26 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 03:02:26 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.16 03:02:26 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.16 03:02:24 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.16 03:02:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.16 03:02:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.15 16:47:02 | 009,195,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.05.15 16:19:16 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 16:19:02 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 16:19:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 16:19:00 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 16:19:00 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 16:18:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.05.21 20:19:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.21 20:14:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\OTL.exe
[2013.05.21 20:13:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
[2013.05.21 19:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.21 19:27:27 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:27:26 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.21 19:25:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.21 19:20:30 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.21 19:19:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.21 19:19:10 | 4170,940,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.21 18:29:37 | 000,632,031 | ---- | M] () -- C:\Users\Michal\Desktop\adwcleaner.exe
[2013.05.21 18:21:40 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Michal\Desktop\JRT.exe
[2013.05.21 13:13:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2013.05.21 10:36:11 | 000,935,175 | ---- | M] () -- C:\Users\Michal\Desktop\RSITx64.exe
[2013.05.19 17:09:14 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2013.05.19 17:09:14 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2013.05.18 19:54:09 | 000,214,279 | ---- | M] () -- C:\Users\Michal\Desktop\Matematika_I_article.pdf
[2013.05.18 19:46:32 | 000,277,345 | ---- | M] () -- C:\Users\Michal\Desktop\Matematika_II_article.pdf
[2013.05.18 19:29:22 | 000,264,016 | ---- | M] () -- C:\Users\Michal\Desktop\Matematika_III_article.pdf
[2013.05.18 19:12:32 | 000,195,938 | ---- | M] () -- C:\Users\Michal\Desktop\Matematika_IV_article.pdf
[2013.05.18 17:05:42 | 000,000,958 | ---- | M] () -- C:\Users\Michal\Desktop\Foxit PDF Editor.lnk
[2013.05.16 03:31:01 | 000,438,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.16 03:30:55 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMichal.job
[2013.05.16 03:05:30 | 001,597,052 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.16 03:05:30 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.05.16 03:05:30 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.16 03:05:30 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.05.16 03:05:30 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.15 16:47:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 16:47:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.15 16:47:02 | 009,195,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.21 20:19:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.21 18:29:37 | 000,632,031 | ---- | C] () -- C:\Users\Michal\Desktop\adwcleaner.exe
[2013.05.21 10:35:52 | 000,935,175 | ---- | C] () -- C:\Users\Michal\Desktop\RSITx64.exe
[2013.05.19 17:09:14 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2013.05.19 17:09:14 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2013.05.18 19:14:44 | 000,264,016 | ---- | C] () -- C:\Users\Michal\Desktop\Matematika_III_article.pdf
[2013.05.18 19:14:33 | 000,277,345 | ---- | C] () -- C:\Users\Michal\Desktop\Matematika_II_article.pdf
[2013.05.18 17:14:51 | 000,195,938 | ---- | C] () -- C:\Users\Michal\Desktop\Matematika_IV_article.pdf
[2013.05.18 17:05:42 | 000,000,958 | ---- | C] () -- C:\Users\Michal\Desktop\Foxit PDF Editor.lnk
[2013.05.18 17:02:36 | 000,214,279 | ---- | C] () -- C:\Users\Michal\Desktop\Matematika_I_article.pdf
[2013.05.01 07:24:50 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2013.03.27 21:24:46 | 000,023,624 | ---- | C] () -- C:\Windows\Launcher.exe
[2013.03.23 18:59:27 | 000,000,579 | ---- | C] () -- C:\Windows\qtracker.INI
[2013.03.23 17:26:18 | 000,000,030 | ---- | C] () -- C:\Windows\Q3version.ini
[2013.03.23 17:25:21 | 000,000,551 | ---- | C] () -- C:\Windows\Qiii.INI
[2013.03.17 18:33:15 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\qttask.exe
[2012.11.14 01:05:20 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2012.10.01 00:40:38 | 001,555,776 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.29 21:31:02 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.09.29 16:03:28 | 000,094,776 | ---- | C] () -- C:\Windows\un_dext.exe
[2012.09.29 16:03:28 | 000,087,928 | ---- | C] () -- C:\Windows\SPRemove_x64.exe
[2012.09.29 16:03:28 | 000,014,479 | ---- | C] () -- C:\Windows\TWAIN2080.ini
[2012.09.29 16:03:28 | 000,003,926 | ---- | C] () -- C:\Windows\Dext_12.ini
[2012.09.29 16:03:28 | 000,003,892 | ---- | C] () -- C:\Windows\Dext_27.ini
[2012.09.29 16:03:28 | 000,003,884 | ---- | C] () -- C:\Windows\Dext_25.ini
[2012.09.29 16:03:28 | 000,003,882 | ---- | C] () -- C:\Windows\Dext_21.ini
[2012.09.29 16:03:28 | 000,003,820 | ---- | C] () -- C:\Windows\Dext_11.ini
[2012.09.29 16:03:28 | 000,003,802 | ---- | C] () -- C:\Windows\Dext_14.ini
[2012.09.29 16:03:28 | 000,003,802 | ---- | C] () -- C:\Windows\Dext_05.ini
[2012.09.29 16:03:28 | 000,003,704 | ---- | C] () -- C:\Windows\Dext_10.ini
[2012.09.29 16:03:28 | 000,003,700 | ---- | C] () -- C:\Windows\Dext_16.ini
[2012.09.29 16:03:28 | 000,003,682 | ---- | C] () -- C:\Windows\Dext_08.ini
[2012.09.29 16:03:28 | 000,003,672 | ---- | C] () -- C:\Windows\Dext_31.ini
[2012.09.29 16:03:28 | 000,003,648 | ---- | C] () -- C:\Windows\Dext_36.ini
[2012.09.29 16:03:28 | 000,003,624 | ---- | C] () -- C:\Windows\Dext_1046.ini
[2012.09.29 16:03:28 | 000,003,622 | ---- | C] () -- C:\Windows\Dext_20.ini
[2012.09.29 16:03:28 | 000,003,588 | ---- | C] () -- C:\Windows\Dext_06.ini
[2012.09.29 16:03:28 | 000,003,586 | ---- | C] () -- C:\Windows\Dext_22.ini
[2012.09.29 16:03:28 | 000,003,550 | ---- | C] () -- C:\Windows\Dext_19.ini
[2012.09.29 16:03:28 | 000,003,550 | ---- | C] () -- C:\Windows\Dext_07.ini
[2012.09.29 16:03:28 | 000,003,522 | ---- | C] () -- C:\Windows\Dext_02.ini
[2012.09.29 16:03:28 | 000,003,492 | ---- | C] () -- C:\Windows\Dext_24.ini
[2012.09.29 16:03:28 | 000,003,450 | ---- | C] () -- C:\Windows\Dext_29.ini
[2012.09.29 16:03:28 | 000,003,416 | ---- | C] () -- C:\Windows\Dext_01.ini
[2012.09.29 16:03:28 | 000,003,342 | ---- | C] () -- C:\Windows\Dext_30.ini
[2012.09.29 16:03:28 | 000,003,220 | ---- | C] () -- C:\Windows\Dext_09.ini
[2012.09.29 16:03:28 | 000,003,174 | ---- | C] () -- C:\Windows\Dext_13.ini
[2012.09.29 16:03:28 | 000,002,895 | ---- | C] () -- C:\Windows\remove.ini
[2012.09.29 16:03:28 | 000,002,850 | ---- | C] () -- C:\Windows\Dext_04.ini
[2012.09.29 16:03:28 | 000,002,750 | ---- | C] () -- C:\Windows\Dext_17.ini
[2012.09.29 16:03:28 | 000,002,674 | ---- | C] () -- C:\Windows\Dext_18.ini
[2012.09.29 16:03:28 | 000,002,638 | ---- | C] () -- C:\Windows\Dext_2052.ini
[2012.06.22 12:01:32 | 000,019,984 | ---- | C] () -- C:\Windows\SysWow64\drivers\EsgScanner.sys
[2012.04.12 14:56:38 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPPassFilter.dll.hpsign
[2012.04.12 14:56:38 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPCrProv.dll.hpsign
[2012.04.12 14:56:26 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPLic.dll.hpsign
[2012.03.29 22:59:18 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.03.27 17:02:54 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPFPApiUI.dll.hpsign
[2012.03.27 17:02:44 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPSCEL.dll.hpsign
[2012.03.27 17:02:44 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPFPApi.dll.hpsign
[2012.03.27 17:02:44 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPClback.dll.hpsign
[2012.03.27 07:19:12 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.03.27 07:19:10 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.03.27 07:03:48 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.27 05:53:44 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.03.21 12:08:52 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\vcsAPIShared.dll.hpsign
[2012.03.07 01:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.02.10 02:43:04 | 000,014,192 | ---- | C] () -- C:\Windows\HPun2430Version.dll
[2011.10.12 02:02:14 | 000,187,728 | ---- | C] () -- C:\Windows\SysWow64\PassThroughOTP.dll
[2011.10.12 02:02:14 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\PassThroughOTP.dll.hpsign
[2011.09.07 10:35:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\scardsyn.dll

========== ZeroAccess Check ==========

[2012.07.14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\o0pi787p.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.04.03 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\.Torrent Stream
[2013.03.28 21:56:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer
[2013.03.28 21:52:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer Pro
[2012.09.29 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2012.09.29 22:01:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DigitalPersona
[2013.05.21 19:20:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2012.11.14 00:53:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEM Data
[2013.05.18 00:03:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HomeTab
[2013.04.15 02:56:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2012.10.19 23:28:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ Search
[2012.10.14 22:05:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ldoce4
[2012.12.08 13:29:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PotPlayerMini
[2012.09.29 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sierra Wireless
[2012.10.11 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SumatraPDF
[2012.09.29 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Synaptics
[2013.05.21 13:37:04 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2012.10.11 20:22:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\xm1

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.19 19:10:08 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.19 19:10:10 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.27 22:58:04 | 000,000,336 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job
[2013.04.11 23:52:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.02 13:08:39 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2013.05.02 13:08:40 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.04.03 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\.Torrent Stream
[2012.09.30 20:50:42 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Adobe
[2013.03.28 21:56:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer
[2013.03.28 21:52:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BSplayer Pro
[2012.09.29 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2012.09.29 22:01:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DigitalPersona
[2013.05.21 19:20:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Dropbox
[2012.09.29 21:57:45 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FLEXnet
[2012.11.14 00:53:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEM Data
[2012.10.08 19:45:05 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hewlett-Packard
[2012.09.29 17:18:36 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Hewlett-Packard Company
[2013.05.18 00:03:57 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HomeTab
[2012.09.29 21:57:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\hpqLog
[2013.04.15 02:56:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2012.10.19 23:28:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ Search
[2012.09.29 15:32:34 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Identities
[2012.09.29 16:00:54 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\InstallShield
[2012.09.29 16:21:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Intel
[2012.09.29 16:36:14 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Intel Corporation
[2012.10.14 22:05:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ldoce4
[2012.09.29 17:48:00 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2012.09.29 21:57:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macrovision
[2012.10.03 17:19:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MathematicaPlayer
[2010.11.21 09:16:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2013.04.05 14:18:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Player Classic
[2013.03.19 12:57:28 | 000,000,000 | --SD | M] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2012.10.11 20:16:15 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MiKTeX
[2012.09.29 16:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2012.12.08 13:29:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\PotPlayerMini
[2012.10.14 21:35:44 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio
[2012.10.14 21:35:43 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio Burn
[2012.09.29 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Roxio Log Files
[2012.10.14 22:04:26 | 000,000,000 | RH-D | M] -- C:\Users\Michal\AppData\Roaming\SecuROM
[2012.09.29 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sierra Wireless
[2013.04.25 15:38:18 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Skype
[2012.10.11 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SumatraPDF
[2012.09.29 16:54:25 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Synaptics
[2013.03.24 03:15:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TorrentStream
[2013.05.21 13:37:04 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\uTorrent
[2013.05.14 18:56:01 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\vlc
[2013.05.19 21:40:35 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Winamp
[2012.09.29 16:47:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinRAR
[2012.10.11 20:22:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\xm1

< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 10:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.03.12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.08.27 06:21:14 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.08.27 06:21:24 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michal\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.09.29 21:57:46 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\agent.exe
[2012.09.29 21:57:46 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\dwusplay.exe
[2012.09.29 21:57:46 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\isdm.exe
[2012.09.29 21:57:46 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\FLEXnet\Connect\11\issch.exe
[2012.09.29 21:57:48 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\Macrovision\FLEXnet Connect\11\agent.exe
[2012.09.29 21:57:47 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\Users\Michal\AppData\Roaming\Macrovision\FLEXnet Connect\6\agent.exe
[2013.03.24 03:13:30 | 000,150,214 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\Uninstall.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\backup\last\tsengine.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\backup\last\tsengine_stream.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.11\tsengine.exe
[2013.04.02 16:56:42 | 000,028,416 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.11\tsengine_stream.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.12\tsengine.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.12\tsengine_stream.exe
[2013.03.28 20:15:40 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.7\tsengine.exe
[2013.03.28 20:15:40 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.7\tsengine_stream.exe
[2013.03.31 20:05:20 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.8\tsengine.exe
[2013.03.31 20:05:20 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.8\tsengine_stream.exe
[2013.04.01 12:04:40 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.9\tsengine.exe
[2013.04.01 12:04:40 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\.data\engine2\download\2.0.8.9\tsengine_stream.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe
[2013.04.15 18:41:26 | 000,027,256 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine_stream.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\engine\w9xpopen.exe
[2012.11.29 15:56:24 | 000,098,936 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\player\tsplayer.exe
[2012.11.29 15:56:24 | 000,039,544 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\player\vlc-cache-gen.exe
[2012.10.26 15:43:52 | 000,026,232 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\tsupdate.exe
[2011.06.12 15:05:52 | 000,049,664 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\TorrentStream\updater\w9xpopen.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.05.21 19:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.21 20:25:10 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.21 20:25:11 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.21 13:13:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
[2013.05.21 20:13:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
[2013.05.16 03:30:55 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.05.20 19:04:23 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2013.05.21 19:22:15 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GoogleDriveSync" = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart -- [2013.04.16 16:10:44 | 019,662,744 | ---- | M] (Google)
"TorrentStream" = C:\Users\Michal\AppData\Roaming\TorrentStream\engine\tsengine.exe -- [2013.04.15 18:41:26 | 000,027,256 | ---- | M] ()
"FreeAC" = C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun -- [2011.11.22 17:53:28 | 001,327,440 | ---- | M] (Comfort Software Group)
"Google Update" = "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.09.29 18:09:46 | 000,116,648 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.12 02:05:27 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[1378 C:\Program Files (x86)\Mozilla Firefox\*.tmp files -> C:\Program Files (x86)\Mozilla Firefox\*.tmp -> ]

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.04.05 00:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.21 20:19:44 | 000,000,512 | ---- | M] () MD5=4FCDD660C8D704E957E4088501FEC5E5 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.09.28 16:54:35 | 000,015,860 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\uTorrent\Might And Magic Heroes VI Crack.torrent

< *keygen* /s >
[2010.04.13 21:26:14 | 000,009,728 | ---- | M] () -- \Program Files (x86)\RVG Software\Holdem Manager\KeyGenerateClassLibrary.dll
[2012.09.28 16:51:48 | 000,007,507 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\uTorrent\Heroes VI Might and Magic 6 KEYGEN 2011.torrent

< *loader* /s >
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.10.19 23:27:47 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.10.19 23:27:47 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.10.19 23:27:47 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.10.19 23:29:28 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2005.01.31 11:31:04 | 000,003,025 | ---- | M] () -- \Program Files (x86)\Longman\ldoce4v2\components\uriloader.xpt
[2011.01.28 07:45:02 | 000,015,473 | ---- | M] () -- \Program Files (x86)\PostgreSQL\8.4\doc\pljava\pljava\org\postgresql\pljava\sqlj\Loader.html
[2011.01.28 05:13:46 | 000,000,708 | ---- | M] () -- \Program Files (x86)\PostgreSQL\8.4\include\server\utils\dynamic_loader.h
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.05.21 12:41:00 | 000,379,444 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\luatexbase-loader.pdf
[2011.05.21 12:41:00 | 000,000,555 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-latex.tex
[2011.05.21 12:41:00 | 000,000,548 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader-plain.tex
[2011.05.21 12:41:00 | 000,000,411 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.lua
[2011.05.21 12:41:00 | 000,000,419 | ---- | M] () -- \Program Files\MiKTeX 2.9\doc\luatex\luatexbase\test-loader.sub.lua
[2012.04.26 17:32:56 | 000,003,848 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\generic\oberdiek\luatex-loader.sty
[2011.05.21 12:41:00 | 000,002,580 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase-loader.sty
[2011.05.21 12:41:00 | 000,002,075 | ---- | M] () -- \Program Files\MiKTeX 2.9\tex\luatex\luatexbase\luatexbase.loader.lua
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.05.21 19:20:10 | 000,008,192 | ---- | M] () -- \Users\Michal\AppData\Local\Temp\_MEI27242\_win32sysloader.pyd
[2013.05.19 19:44:44 | 000,008,192 | ---- | M] () -- \Users\Michal\AppData\Local\Temp\_MEI38042\_win32sysloader.pyd
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\engine\lib\_win32sysloader.pyd
[2012.09.13 14:09:56 | 000,000,553 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\fs\default\1024\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\fs\default\1280\loader.png
[2012.09.13 14:09:56 | 000,000,686 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\fs\default\1600\loader.png
[2012.09.13 14:09:56 | 000,001,239 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\fs\default\1920\loader.png
[2012.09.13 14:09:56 | 000,000,453 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\fs\default\800\loader.png
[2012.09.13 14:09:56 | 000,000,477 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\player\skins\nofs\default\playlist\loader.png
[2012.02.07 18:37:14 | 000,008,192 | ---- | M] () -- \Users\Michal\AppData\Roaming\TorrentStream\updater\lib\_win32sysloader.pyd
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.361\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.362\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2012.07.17 14:18:16 | 000,009,051 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.17 14:18:16 | 000,016,119 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.17 14:18:16 | 000,018,434 | ---- | M] () -- \Windows.old\Users\Michal\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.03.21 02:30:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.03.21 02:30:05 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.03.21 02:30:05 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.03.21 02:30:05 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.03.21 02:30:05 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.10.01 00:47:47 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.10.01 00:47:47 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.10.01 00:47:48 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.10.01 00:47:48 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.10.01 00:47:48 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.03.21 02:26:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[Teebo]

OTL Extras logfile created on: 21.5.2013 20:16:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,88 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 46,91% Memory free
7,77 Gb Paging File | 4,65 Gb Available in Paging File | 59,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,34 Gb Total Space | 256,89 Gb Free Space | 57,95% Space Free | Partition Type: NTFS
Drive D: | 20,12 Gb Total Space | 3,09 Gb Free Space | 15,36% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,97 Gb Free Space | 99,34% Space Free | Partition Type: FAT32

Computer Name: MICHAL-PC | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E6CD31-5206-4217-8AA3-36FBA254ACDE}" = lport=139 | protocol=6 | dir=in | app=system |
"{1309BFEA-B3EE-403D-9FBB-5E990132F17E}" = lport=445 | protocol=6 | dir=in | app=system |
"{15132AAD-769C-45DF-8DD8-A27E17984DF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2ADEB38E-F1FF-4DD5-82FD-48BB901B9185}" = rport=137 | protocol=17 | dir=out | app=system |
"{3481AA62-E453-41C5-B280-E3E23EC2A9F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BE79F9F-B1B5-4BBF-96D2-A52C1EFE310C}" = rport=138 | protocol=17 | dir=out | app=system |
"{4843B3BF-473E-467D-87A1-2934E60F32F2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4919A2EA-2B2D-41C7-B03D-729885787C6B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4CD95354-0ED2-46A3-A764-13D87B315AFA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5ED8009D-B1C9-4262-B22B-DB187DB48E93}" = rport=139 | protocol=6 | dir=out | app=system |
"{6814AD62-CFAA-459B-B77B-D173A7B3B2B7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{713EEFC8-C41B-4C83-B897-9F6B94D4A076}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E25CE1D-E945-4163-BECD-C10B3EC86E9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8BA13DF6-E178-4CCC-96E0-811B8F676DFF}" = lport=137 | protocol=17 | dir=in | app=system |
"{8F7EBB57-D446-4B0F-BAD6-B71ABEC4BE42}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{9B617078-6AAE-4511-A658-F003A2BB9119}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D7472FA-1121-4F31-8A81-9F9E460D091C}" = rport=445 | protocol=6 | dir=out | app=system |
"{A298B9DD-5D7F-4CDD-8BA2-F46C737DA3D2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A8CAEF1D-A6ED-40E1-B4D0-D13E8600AB06}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B58EF854-036C-44E0-AA24-6743CFDA8B78}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BDF50ECA-AE96-4CE6-8CA0-833F96FEDBEF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F1A763E3-89CA-4C0F-A07D-46B1D8E2A2DB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2E22640-D559-4067-94AE-6A399E1C172B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6B97411-4D3E-451E-8DDC-A52555E60C4D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA911AD3-0F8B-4E39-BB91-8CEFC064D2CC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C92335B-7970-47D7-BBE6-53B78CAB69FD}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{0CAA63E7-56C8-4A1A-ABCE-039CB25EEFCE}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{12C0A109-D5FC-4237-B3F8-7F54A47CE751}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{143EF18B-C261-4DCE-8E1E-876205428F99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{18AEA190-2927-4F95-AB3F-4C415B194D7F}" = dir=in | app=c:\program files (x86)\browser updater\tbupdater.dll |
"{1D244E19-F29C-49E2-BB45-66EBE5C31359}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{225634CD-09FB-465D-9199-D819CE71078F}" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"{31E80C83-1D67-4184-BEBD-6697746D214D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{36AAA175-A7D7-4C56-8A29-216E7EADD29C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{37F0CDEB-8824-46DB-9BF9-25482193B17A}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{3BB56EA0-64F5-4C0C-829E-563D939DB555}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{3C77BB34-A624-4F98-9550-6527A566BD2A}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{40413817-D7F9-4404-934C-F11CAB2D2D26}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4805956C-3F33-4C13-9465-00151EAC67A0}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{487FCC5C-9E8B-4580-9F91-C760A6C03EDE}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{57A6C3C3-4186-4621-9BB3-11FB2C5A35FE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5E83D87A-D865-496D-B1E3-50FE49829D3D}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{5F72072D-36D8-4D91-A87C-83626B3226D7}" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe |
"{63F129F8-0AA8-42CE-82BE-A228DAC41FBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{666D866E-E810-45C4-8D33-3672061EE1DE}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{694205AB-5D27-41F0-B0AF-E5739C698F50}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{71167B57-FF7F-4639-B9BE-10711F7BA98C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7376A69A-5AA6-4C7B-8329-9B4951739258}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{7AC1CBF4-FFA7-4DC2-B1BF-4EBE9B5F6F67}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{859907B9-B915-4E2E-A97E-0D57938EC372}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{861FF019-6ED5-4021-A2D4-9085461D197D}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{89431308-0D9E-4F64-ACD3-578F090BF6CB}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{8A799E67-8933-44FD-9C43-86EEB08392B9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8BF6FCC5-71A3-4400-97FF-08D1AE85F5D8}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{8EBBAE75-FE5E-4A8A-A4F6-12D2598DC419}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{901F1B48-470B-4476-9A7B-EEC1BF65F651}" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe |
"{93122BCF-DA27-4F3D-9B7A-274424F3E95F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9BE6EE72-BEFF-4483-99B4-734772E6635D}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{9D808D58-1F94-4EDA-97DA-ABC65C20CDF3}" = protocol=58 | dir=in | app=system |
"{A2315D2E-FF2D-42E9-BA97-8C4AED7DEBE9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A490A2D0-D8E2-4134-9683-F4E02F39C78C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9BE40D2-454A-49C2-8C70-CC46E423E175}" = protocol=6 | dir=out | app=system |
"{ACD86478-551A-43F4-9A14-457FE8DC27A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AED83730-28AD-4D38-BE40-D2877CCF3C8A}" = dir=out | app=c:\program files (x86)\browser updater\tbupdater.dll |
"{B4BFA0AC-AC20-4CF8-9433-BA01E7384CFD}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B5AADDB0-7DF2-4D57-AFBF-A7A468EFB4F5}" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"{B69B5A98-2726-4DEE-B4D7-A28CB43841F1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B926BEE6-9044-4B9E-B6E3-9676745EC601}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{B9CECA69-DF04-49A9-8406-D07402B74086}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9D2654D-5CFD-439D-A4EE-2653026F4B46}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{BBE6B214-CAC3-42F9-AAA6-C1862384CC8D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4370952-1D12-4E19-A22B-84A43C7AB0F9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{C85059CD-CCF7-43B4-A882-E710287BF4AA}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{C91CE226-6103-4526-81AD-E47553F98AB5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{D3C99943-AFC0-4FEB-B076-045E321E06AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3E55245-7532-48C7-994C-A4076C24EF64}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DE79264D-0360-4319-BA50-7B9E4BEDF947}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2C916D8-9301-417F-BAC3-91F792204AFD}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{E4DED93E-5C5C-4366-A48B-DA450D8799EE}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe |
"{EAA59C49-352D-4BFF-8433-8D1022B3A8BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F053228A-02D7-4168-92B6-F8C74E687C47}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEA8C337-A43C-4E0D-900C-0781D2A56A1B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{18660DDF-D9B2-4B68-B628-C1BF2F8498FF}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{2965D78C-A743-46B4-B9A7-AE88479623E1}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{306B16D9-8EC9-4F8F-B981-F8A93E5E1EAA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{3AC99DE6-45C5-481B-AC5A-2E6260CF8F64}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{4B444615-5555-4B8A-A653-F18A85373CF5}C:\quake iii arena\quake3\quake3.exe" = protocol=6 | dir=in | app=c:\quake iii arena\quake3\quake3.exe |
"TCP Query User{6D0FCD77-F2C2-473A-A1A5-FEAA6399CDB4}C:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe |
"TCP Query User{6FEC3283-6577-489F-BB3D-E277DC138B8B}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{8D979A22-4703-4325-BA81-7F48C8481BAF}C:\users\michal\appdata\roaming\torrentstream\player\tsplayer.exe" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\player\tsplayer.exe |
"TCP Query User{936310AC-D5A5-44D7-AA2A-246E33F6504B}C:\program files (x86)\qtracker\qtracker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qtracker\qtracker.exe |
"TCP Query User{958935AB-10BF-4C5A-BFD8-A02CC76B638B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{992BF823-5F2C-471D-B2DB-DFE0D1A4A7B4}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{A193D2DE-FE49-4530-9F73-307548ACE395}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B68FB92C-F7ED-4A79-AF62-9753DEBB140B}C:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{D1D57ED7-5908-4124-9CAE-9BEF1A370C07}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{285A4B1C-B587-4C86-8363-5BE45AFFBCF0}C:\quake iii arena\quake3\quake3.exe" = protocol=17 | dir=in | app=c:\quake iii arena\quake3\quake3.exe |
"UDP Query User{33B65CF3-D8F6-462F-89D9-D69D4419A967}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{3856FF5A-BF96-4C3D-9BB0-D2D92F094541}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{66A6166A-45DA-417B-9836-FAEBFCA9417B}C:\users\michal\appdata\roaming\torrentstream\player\tsplayer.exe" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\player\tsplayer.exe |
"UDP Query User{68D2D820-081D-4B74-9FC5-6E62BF984A48}C:\program files (x86)\qtracker\qtracker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qtracker\qtracker.exe |
"UDP Query User{754D9E1F-9A6E-4233-9BF3-AC424352AE0A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{81F6CE18-BA3E-466F-8DC0-118F1A09D5E9}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{82BEB642-3A7E-433F-8B51-3CCF16579294}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{8B6CDABF-FF14-4747-AE2F-DE2FD2535AE5}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A353BA3E-7A2E-48B1-B2C3-D967AEA3BD6B}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{AF12C510-292A-4D46-9BB6-553A93D917BB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{C9066F68-9204-4598-9BED-078B766A86F5}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{DB03C44D-88D0-48A2-A8A7-D31EBCD90FD8}C:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{F1827AAC-8274-4109-86E0-3D84789AA465}C:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe" = protocol=17 | dir=in | app=c:\users\michal\appdata\roaming\torrentstream\engine\tsengine.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{5809F3E0-6638-46B4-A2FF-464131961117}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6FE8E073-D159-4419-93E2-CE2C5B078562}" = HP ProtectTools Security Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}" = Validity Fingerprint Sensor Driver
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Broadcom Bluetooth Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BBDDFD86-E8E5-42FA-85E4-373FAE1DC731}" = HP Power Assistant
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{E2D0B67F-8032-4E11-87C6-C8C721D331B3}" = Software Intel® PROSet/Wireless WiFi
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"A-WIN-Extras 8.0.4 2609412_is1" = Mathematica Extras 8.0 (2609412)
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"Defraggler" = Defraggler
"HPProtectTools" = HP ProtectTools Security Manager
"MediaInfo" = MediaInfo 0.7.62
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MiKTeX 2.9" = MiKTeX 2.9
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{2687340C-C114-47DC-9F0E-C1BA85FEB001}" = POWERPREP II
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{593AFFA4-D08E-4272-BABB-420949D32A10}" = QUICKfind
"{6357258D-2BF9-49E7-A9EF-0C609D52C46D}" = HP ESU for Microsoft Windows 7
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.5.0
"{8fe626a7-c343-4eb4-880e-23ca663b0cf0}_is1" = HomeTab 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB4CC828-05EE-4A9B-9097-E0308C27ECCB}" = HP Connection Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}" = HP System Default Settings
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7530589-81AA-40B4-8A7A-56B22DCF62EC}" = HP Software Framework
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F24F876B-7D71-4BD6-88E9-614D3BB84228}" = Alcor Micro Smart Card Reader Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Browser Updater_is1" = Browser Updater 1.1
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DjVuLibre+DjView" = DjVuLibre+DjView
"Foxit PDF Editor" = Foxit PDF Editor
"Guard.Mail.ru" = Guard.ICQ
"HoldemManager" = Holdem Manager
"Image Grabber II" = Image Grabber II
"ldoce4v2" = LONGMAN Dictionary of Contemporary English
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PotPlayer" = Daum PotPlayer 1.5.28025
"SopCast" = SopCast 3.5.0
"Sunplus SPUVCb" = HP HD Webcam Driver
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Texmaker" = Texmaker
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3709121103-697001368-1351868520-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"TorrentStream" = Torrent Stream 2.0.8.6

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.5.2013 13:20:04 | Computer Name = Michal-PC | Source = PostgreSQL | ID = 0
Description = 2013-05-21 19:20:04 CESTFATAL: the database system is starting up


Error - 21.5.2013 13:20:31 | Computer Name = Michal-PC | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 25.4.2013 15:15:43 | Computer Name = Michal-PC | Source = WLAN-Tray | ID = 0
Description = 21:15:26, Thu, Apr 25, 13 Error - Unable to gain access to user store


[ HP Connection Manager Events ]
Error - 20.3.2013 5:17:12 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.20 10:17:12.974|000014C8|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 22.3.2013 7:43:53 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.22 12:43:53.160|000005A0|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 27.3.2013 13:12:25 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.27 18:12:25.075|00001604|Error |[HP.Mobile]XmlHelper::LoadFile{System.Xml.XmlDocument(string)}|Exception:
Kořenový element chybí.

Error - 27.3.2013 13:12:25 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.03.27 18:12:25.090|00001604|Error |[HP.Mobile]LocationManager::g{bool()}|Failed
to load file C:\Users\Michal\AppData\Roaming\Hewlett-Packard\HP Connection Manager\Locations\LocationManager.idx
as XML document

Error - 3.4.2013 7:38:07 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.04.03 13:38:07.056|00000810|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 15.4.2013 16:15:11 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.04.15 22:15:11.844|00000634|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 22.4.2013 6:18:19 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.04.22 12:18:19.849|00001218|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 24.4.2013 7:18:52 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.04.24 13:18:51.492|00001218|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 8.5.2013 10:36:43 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.05.08 16:36:43.377|00000C60|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

Error - 16.5.2013 20:51:50 | Computer Name = Michal-PC | Source = hpMobile | ID = 5
Description = 2013.05.17 02:51:50.034|00001680|Error |[HP.Mobile]AutomaticLocationSelector::c{HP.Mobile.Locations.Location()}|Zadaná
adresa IP je neplatná.

[ HP Power Assistant Events ]
Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\_by2tuvb.dll nebyl nalezen.

Error - 1.10.2012 5:24:53 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\8chdewgi.dll nebyl nalezen.

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Soubor C:\Windows\TEMP\ug_kpcjh.dll
nebyl nalezen.DAT File Error

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\yq5zlh5v.dll nebyl nalezen.

Error - 1.10.2012 5:24:54 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\6vhp7eiu.dll nebyl nalezen.

Error - 1.10.2012 5:24:55 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1027
Description = An error occurred in HP Power Assistant application, [HPPA_Service].
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Soubor C:\Windows\TEMP\cowehl3c.dll nebyl nalezen.

Error - 1.10.2012 5:24:55 | Computer Name = Michal-PC | Source = HP PA Service | ID = 1006
Description = The Power Assistant service has crashed due to an unhandled exception.
Please
restart HP Power Assistant application. Additional details may be available in the
Details section. DETAILS Cíl vyvolání způsobil výjimku.ServiceWorkerMethod ABORTED!
-

Error - 25.12.2012 11:58:12 | Computer Name = Michal-PC | Source = HP PA Application | ID = 1011
Description = Failed to send a PIP report. Please restart HP Power Assistant application.
Additional
details may be available in the Details section. DETAILS Nelze načíst soubor nebo
sestavení HP.SupportFramework, Version=1.0.0.0, Culture=neutral, PublicKeyToken=2a4860322af7ba08
nebo jeden z jejich závislých prvků. Systém nemůže nalézt uvedený soubor.Please
verify HPSF is properly installed.

Error - 29.3.2013 15:44:59 | Computer Name = Michal-PC | Source = HP PA Application | ID = 1011
Description = Failed to send a PIP report. Please restart HP Power Assistant application.
Additional
details may be available in the Details section. DETAILS Nelze načíst soubor nebo
sestavení HP.SupportFramework, Version=1.0.0.0, Culture=neutral, PublicKeyToken=2a4860322af7ba08
nebo jeden z jejich závislých prvků. Systém nemůže nalézt uvedený soubor.Please
verify HPSF is properly installed.

Error - 2.5.2013 20:52:00 | Computer Name = Michal-PC | Source = HP PA Application | ID = 1011
Description = Failed to send a PIP report. Please restart HP Power Assistant application.
Additional
details may be available in the Details section. DETAILS Nelze načíst soubor nebo
sestavení HP.SupportFramework, Version=1.0.0.0, Culture=neutral, PublicKeyToken=2a4860322af7ba08
nebo jeden z jejich závislých prvků. Systém nemůže nalézt uvedený soubor.Please
verify HPSF is properly installed.

[ HP Software Framework Events ]
Error - 7.11.2012 9:35:12 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.07 14:35:12.483|000013A0|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 7.11.2012 9:35:13 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.07 14:35:13.637|00000808|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:15 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:15.713|00000980|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:15 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:15.713|000015A8|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 24.11.2012 7:39:19 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2012.11.24 12:39:19.831|000017CC|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '

Error - 4.1.2013 3:10:47 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.01.04 08:10:46.950|000015F0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 4.1.2013 3:10:47 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.01.04 08:10:47.262|000015F0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 9.4.2013 9:48:33 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.04.09 15:48:33.047|00000D68|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 9.4.2013 9:48:33 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.04.09 15:48:33.063|00000D68|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 16.4.2013 9:02:00 | Computer Name = Michal-PC | Source = CaslSmBios | ID = 5
Description = 2013.04.16 15:01:59.996|00000BA4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

[ System Events ]
Error - 21.5.2013 13:19:24 | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba SpyHunter 4 Service neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

[vyosek]

Odinstalujte MSE, jinak bude v kolizi s Avastem

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
  O1364bit: - gopher Prefix: missing
  O18 - Protocol\Handler\ms-help - No CLSID value found
  O33 - MountPoints2\{cf8614ec-8daf-11e2-8ec9-a0b3cc26c927}\Shell - "" = AutoRun
  [2013.05.01 07:24:50 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
  [2013.05.21 19:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.05.21 20:25:10 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2013.05.21 20:25:11 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2013.05.21 13:13:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job
  [2013.05.21 20:13:00 | 000,000,966 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job
  [2013.05.16 03:30:55 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMichal.job
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "GoogleDriveSync"=-
  "TorrentStream"=-
  "Google Update"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "Adobe ARM"=-
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Teebo]

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS deleted successfully.
C:\Windows\AutoKMS.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf8614ec-8daf-11e2-8ec9-a0b3cc26c927}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf8614ec-8daf-11e2-8ec9-a0b3cc26c927}\ not found.
File C:\Windows\AutoKMS.exe not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3709121103-697001368-1351868520-1000UA.job moved successfully.
C:\Windows\Tasks\HPCeeScheduleForMichal.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveSync deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TorrentStream deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michal
->Temp folder emptied: 87963653 bytes
->Temporary Internet Files folder emptied: 166393 bytes
->Java cache emptied: 136954 bytes
->FireFox cache emptied: 241423695 bytes
->Google Chrome cache emptied: 345240850 bytes
->Flash cache emptied: 10569 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 57977 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 644,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Michal
->Flash cache emptied: 0 bytes

User: postgres

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Michal
->Java cache emptied: 0 bytes

User: postgres

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05222013_004541

Files\Folders moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Fajn, jak se chova PC

[Teebo]

Šlape bez problémů. Před čištěním jsem měl problémy s občasným padáním Firefoxu a celkovým lehkým zpomalením pc, zdá se, že obojí bylo vyřešeno.

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse